Offline authentication provides emergency access for RSA SecurID for Windows users who require emergency access while authenticating offline. These are users with lost or stolen tokens, or users who have forgotten their PIN. Temporary emergency access can be provided in two ways:
- Offline emergency access tokencode. Use this option if the user’s token is unavailable. The Offline Emergency Access Tokencode is used with the user’s PIN.
- Offline emergency passcode. Use this option if a user has forgotten his or her PIN. The offline emergency passcode is used in place of the user’s PIN and tokencode.
RSA SecurID for Windows users may need temporary emergency access so that they can authenticate while working offline. Temporary emergency access is necessary for users with misplaced, lost, or stolen tokens, or users who have forgotten their PIN.
For offline authentication, the system generates and downloads an offline passcode or tokencode before the user needs it. Providing emergency offline authentication codes must be done in advance. Authentication codes cannot be sent to a user who is offline.
If a user has an expired token, assign a new token, and then provide temporary access.
Note: Offline emergency access is not supported for users with RSA SecurID Authenticate Tokencodes because RSA Authentication Manager must be available to send the authentication request to the RSA SecurID Access identity router.