Loss of a second factor
The following procedure may be used when a user needs to access a protected application, but doesn't have his second authentication factor available:
The user may enter its login/password on
Instead of activating the usual second factor, he/she selects « Use an alternative method ».
The user may then ask a rescue code:
- He has to click on « Ask for a rescue code ».
- All administrators receive an email alerting that a rescue code is requested by a user.
- One of the admins has to click on « Rescue code » in the « Alerts » tab of the Trustelem admin dashboard.
- This code can be transmitted to the user, after having properly checked the user's identity.
- The user has 24h to use this one-time rescue code.