The following error shows when attempting to log in to the console after using the Forgot Password link:
The Access Policy that is configured for step-up authentication denies the authentication. Some examples of why this may occur include:
The user is not in a target population that is configured in the Access Policy that can access the Cloud Administration Console.
The login attempt matches a Deny Access rule that is configured in the Access Policy. For example, logging in from a country that is denied access, or the user's network is not on the Trusted Network list.
The login attempt matches an Authenticate rule, but the configured Assurance Level only allows authentication methods that are not available to the administrator's user. For example,
Approve when the administrator's user does not have a registered RSA Authenticate app device, or
RSA SecurID when the administrator's user does not have an assigned RSA SecurID token.