This article explains how to set emergency access tokencode lifetime for permanently lost or broken RSA SecurID tokens.
In the Security Console,
Click Setup > Self-Service Settings.
Click Manage Authenticators.
In the Emergency Access Tokencode Settings for Permanently Lost or Broken Tokens section, use the Emergency Access Tokencode Lifetime fields to enter the length of time for which the emergency access tokencodes are to remain active. (The default value is set to 7 days)
Choose an option for if token becomes available. Authentication Manager take one of the following actions:
Allow authentication and disable online emergency tokencodes, or
Allow authentication with the token only after the emergency access tokencode lifetime has expired.