Online authentication provides emergency access for users with missing or damaged tokens. Even with a missing token, users can continue to have two-factor authentication using an online emergency access tokencode, an 8-character alphanumeric code generated by Authentication Manager.
Note: Emergency online authentication to RSA authentication agents is supported for Authentication Manager users who lose or misplace the device that has the RSA SecurID Authenticate app. Emergency online authentication is not supported for additional authentication on the Cloud Authentication Service.
The format of the online emergency access tokencode is determined by the token policy of the associated security domain. For example, if the security domain’s token policy allows special characters, the online emergency access tokencode can include special characters.
If a user has an expired token, assign a new token, and then provide temporary access. An online emergency access tokencode cannot be assigned to a user with an expired token. For instructions, see Provide an Offline Emergency Passcode.
The following table lists the types of online emergency access tokencodes. Both tokencode types replace the tokencode generated by the user’s token.
| Tokencode Type | Description |
|---|---|
| Temporary fixed tokencode |
For instructions, see Assign a Temporary Fixed Tokencode. |
| One-time tokencode |
For instructions, see Assign a Set of One-Time Tokencodes. |
Users can also use the Self-Service Console to request temporary access to Authentication Manager without the assistance of an administrator. For more information, see RSA Self-Service Overview.