In the case when a user has lost or misplaced their tokens and needs to access an application protected with two-factor authentication urgently, an emergency code can be issued to temporarily replace the user’s token. The policy defines the construction and lifespan of an activation code, such as the length and characters of the code.
From the Home page of the Management Console, left click on the menu item "Administration", select "Policies", then in the new tab "POLICIES", select the category "Emergency Code", then click the button;.
The Emergency Code policy settings can now be viewed (or edited) by left clicking on the context menu of the Emergency Code policy, then selecting either "View" or "Edit";
Editing the Emergency Code Policy Settings:
Once the self service policy has been edited, a new window will open titled "Policy - Edit" (that can be used to edit the policy settings for this policy);
The Category for Emergency Code policies is "Emergency Code" and will include all System, Domain, Unit, User or Group held.
The "Holder" will indicate if this policy setting is System, Domain, Unit, User or Group held.
The name assigned to identify the Emergency Code system policy by the System Administrator.
The System Administrator may use this field to annotate this policy.
This checkbox will allow the System Administrator to enable or disable the policy.
The maximum number of Emergency Codes allowed to be issued to a user's account(enter "0" if there is no limit).
This option determines the length (in characters) of the emergency code.
This checkbox determines if the emergency code can be sent to the user's personal email, mobile or telephone.
This checkbox determines if only one emergency code is sent per message.
This value indicates the default number of hours that may pass after the emergency code is issued before it can no longer be used(enter "0" if there is no limit).
This value indicates the maximum number of hours that may pass after the emergency code is issued before it can no longer be used(enter "0" if there is no limit).
This value indicates the maximum number times that the emergency code may be used(enter "0" if there is no limit).
This checkbox will prevent reuse of the Emergency Code
This option determines if the Emergency Code will be generated as a number or a sequence of letters.
This option determines if the Emergency Code will be the only factor required during authentication.
In addition to the settings in the main section, the Emergency Code policy also includes the following expandable sections;
These sections can be expanded out to provide additional settings related to how the Emergency Codes are sent to the user.
Message Channel
The purpose of the section "Message Channel" is to provide the system administrator with policy settings that specify the default and secondary channels that are used to send messages to users.
This option determines the main delivery channel for sending emergency codes to the user;
SMS Emergency Codes are to be sent to the User's mobile device as a text message.
SMTP Emergency Codes are to sent to the User's email account.
Twitter Emergency Codes are to be sent to the User's Twitter account.
This option determines the secondary delivery channel for sending emergency codes to the user;
SMS Emergency Codes are to be sent to the User's mobile device as a text message.
SMTP Emergency Codes are to sent to the User's email account.
Twitter Emergency Codes are to be sent to the User's Twitter account.
Available Channels
The purpose of the section "Available Channels" is to provide the system administrator with policy settings that specify which communication channels can be used to send messages to users.
This checkbox determines if the email message channel is presented as options for sending emergency codes.
This checkbox determines if the SMS text message channel is presented as options for sending emergency codes.
This checkbox determines if the phone call message channel is presented as options for sending emergency codes.
button;.
