You must unlock the RSA SecurID Authenticate Tokencode and SMS Tokencode after they have been locked for a user. Unlocking these methods makes them available for authentication. Lockout settings are configured at My Account > Company Settings > Sessions & Authentication. Retries for each method are counted separately and each method is locked separately, but both methods are unlocked simultaneously. The lockout counter for each method is cleared after either of the following events occur:
- The user successfully authenticates. For example, if four retries are allowed and the user fails twice and succeeds on the third attempt, the counter is set to 0 because the lockout maximum was not reached.
- You manually unlock the methods on the Users > Management page.
Note: Only the user's authentication method is locked. The user's Cloud Authentication Service account is not locked or inactivated.
Before you begin
Super Admins and Help Desk Administrators can perform this task. If the user cannot be found, the Super Admin must synchronize the identity sources to update the Cloud Authentication Service.
- In the Cloud Administration Console, click Users > Management.
- In the Search field, enter the user's User ID, which is also the user's email address. Select the user from the list.
On the user's detail page, click Unlock Tokencodes.
A success message appears after the methods are unlocked.