Emergency Access for Cloud Authentication Service Users

You can temporarily provide emergency access for users who cannot use their preferred authentication methods. Users may be unable to use a preferred method for a variety of reasons, for example, the user may have lost an RSA SecurID token or FIDO authenticator, or the user cannot locate the mobile phone where the RSA SecurID Authenticate app is registered. In such cases, several methods are available for emergency access.

Emergency Access Method Description
SMS Tokencode RSA SecurID Access can send an SMS Tokencode to the user's phone in a text message. For more information, see Supported Authentication Methods - SMS Tokencode.
Voice Tokencode RSA SecurID Access can call the user's phone to provide a six-digit tokencode when the user attempts to access an application. A mobile phone is not required for Voice Tokencode. For more information, see Supported Authentication Methods - Voice Tokencode.
Emergency Tokencode

If a user forgets or misplaces a registered authenticator, you can generate an Emergency Tokencode and provide it to the user to access protected resources when the user is online or offline.

Emergency Tokencode can be used online when the user is able to sign into the company network without the registered authenticator and needs to access resources protected by the Cloud Authentication Service.

Emergency Tokencode can also be used to sign into a Windows computer that is protected by the RSA MFA Agent for Microsoft Windows, even if the computer has no internet connection. If the computer has an internet connection, the same tokencode can be used to access resources protected by the Cloud Authentication Service. For more information see Supported Authentication Methods - Emergency Tokencode.