An offline authentication policy defines the way users authenticate when they are not connected to the network.
Offline authentication extends RSA SecurID authentication to users when the connection to RSA Authentication Manager is not available (for example, when users work away from the office or when network conditions make the connection temporarily unavailable).
An offline authentication policy is assigned to each security domain. A deployment can have multiple offline authentication policies.
Two policies can conflict if the user is in one security domain and the agent (their computer) is in a different security domain, and the security domains have different offline authentication policies.
RSA does not recommend offline authentication for the following authenticators:
Tokens that do not require PINs
These authenticators are likely to contain fewer characters than required by the minimum offline passcode length setting. You can override this setting to explicitly allow offline authentication using these authenticators.