Two-Factor Authentication (Administrator) - Reissuing a Secret Key

The secret key is a unique 16 character alphanumeric code that is required during the set up of the PIN generating tools. When a secret key is lost or compromised, the administrator can delete the key. After the key is deleted, a new secret key is sent in an email to the user the first time he or she logs on to the CommCell.

Scenarios that require reissuing the secret key:

  • The user deleted the email where the secret key was provided before using the key in the PIN generating tools.
  • The user accidentally forwarded the email containing the secret key to other users.


  1. From the command prompt, navigate to software_installation_directory/Base.
  2. Log on to the CommServe using the qlogin command.
  3. Run the following command to delete a secret key for a user:

    qoperation execscript -sn QS_DeleteTFASecretForUser -si @user = 'userName'

    where userName is the login name of the CommCell user who requires a new secret key.

  4. Notify the user that a new secret key will be sent in an email the next time he or she logs on to the CommCell.