Rollback a Key Inactivation

• The Rollback Key function "undoes" inadvertent inactivation of an account by restoring the user's authorizations for systems and SFAs to what they were before the key was deleted. A new key is issued automatically.
• Rollback is allowed for keys that were inactivated within the last 90 days.
• The key is not the same as the password.
• This function is restricted to authorized users. An audit record is kept.

• To find accounts that meet the criteria to rollback:

1. Select the account.
2. Click the Key menu.
3. Click the Rollback Key option.
4. If there are no instances of a Key inactivation the user that meet the criteria for being rolled back, a message displays. Click the OK button to acknowledge.
5. If they exist, accounts for the selected user that meet the criteria for rollback are displayed.

• Click the Rollback Criteria link to display the criteria used determine which key inactivations to rollback.

• Click the Rollback Definition link to display what tasks the rollback will accomplish.

• The display includes the following information:

• - View detail icon. Click to view information on the account. click the Close button to return to the Rollback window.

• Inactivated On - the date and time that the Key was inactivated.
• Inactivated By - the person responsible for inactivating the Key.
• Systems Removed - a list of all the systems the user had access to at the time the Key was inactivated. If the user did not have access to any systems, this value is <none>.
• SFAs Removed - a list of all the Shared File Areas the user had access to at the time the Key was inactivated. If the user did not have access to any Shared File Areas, this value will be <none>.

• To rollback an account:

1. Click to check a single checkbox to indicate which record to roll back.
2. Click the Rollback button.
3. When prompted, authenticate your authorization by typing your User Name and Password, and then clicking the OK button.
4. When prompted, click the OK button to acknowledge the message that the key inactivation rollback is complete.
5. The new key for the selected account is generated automatically. If needed, while the display is available (it closes automatically after two minutes), make a note of it.

• The key expiration date is 180 days from the date it is issued.
• The user can look up their new key in their profile: see Finding My Key.
• Authorized PAS users can look up an account key; see Displaying the key for an account.