You can provide emergency access for users who cannot use their preferred authentication methods. Users may be unable to use a preferred method for a variety of reasons, for example, the user may have lost an RSA SecurID token or FIDO authenticator, or the user cannot locate the mobile phone where the RSA SecurID Authenticate app is registered, or the mobile phone cannot be charged. In such cases, several methods are available for emergency access.
|Emergency Access Method||Description|
|SMS Tokencode||RSA SecurID Access can send an SMS Tokencode to the user's phone in a text message. For emergency access, make sure the Cloud Authentication Service has a phone number for the user that is different from the one registered to use the Authenticate app. For more information, see Supported Authentication Methods - SMS Tokencode.|
|Voice Tokencode||RSA SecurID Access can call the user's phone to provide a six-digit tokencode when the user attempts to access an application. For emergency access, make sure the Cloud Authentication Service has a phone number for the user that is different from the one registered to use the Authenticate app. A mobile phone is not required for Voice Tokencode. For more information, see Supported Authentication Methods - Voice Tokencode.|
|Emergency Tokencode|| |
If a user forgets or misplaces a registered authenticator, you can provide the user with an Emergency Tokencode. The next time the user attempts to access the protected resource, the user can select Emergency Tokencode from the list of authentication options. The tokencode is valid for the configured number of days (1-7). For more information see Supported Authentication Methods - Emergency Tokencode.
|Offline emergency access tokencode from RSA Authentication Manager|| |
Offline emergency access is available to users who use the RSA SecurID Authenticate app to access resources protected by Authentication Manager under the following conditions:
Under these circumstances, users can call your Help Desk to get an offline emergency access tokencode that is generated using the Security Console. This tokencode is valid for a specific time limit (for example, 24 hours), which can to get users through the day until they can retrieve their phone or token. For more information, see Provide an Offline Emergency Access Tokencode.
Note: This tokencode cannot be used to access resources protected by the Cloud Authentication Service.