You can increase security for user accounts by using Multi-Factor Authentication (MFA) capabilities provided by Oracle Identity Cloud Service. MFA adds an extra layer of identity verification to the login process by requiring a user to provide a second verification method, such as a one-time passcode (OTP) for the device associated with the user’s account, notification, short message service (SMS), also known as a text message, or security questions.
The ability to generate a bypass code is available to the user after the user enrolls in 2-Step Verification. The user can generate a bypass code and store it for later use or request that an administrator generate a bypass code for the user. For example, when a user has forgotten their phone, doesn’t have cell service, or can’t access their computer, at the 2-Step Verification page, the user can contact the help desk to have an administrator generate a bypass code.
As a result, the user can use this bypass code as a one-time 2-Step Verification method to log in to Oracle Identity Cloud Service.
In addition, the administrator can set when the bypass code expires, and how often the bypass code can be used for the user account.
Note:The user must already be enrolled in MFA to use a bypass code or request that one be generated for the user.
- In the Identity Cloud Service console, expand the Navigation Drawer, and then click Users.
- Click the user account for which you want to generate a bypass code.
- Click the Action menu, and then select Generate Bypass Code.
- In the Bypass Code expires after region of the Generate Bypass Code window, set when the bypass code expires.
- Set the time (in days, hours, and minutes) that the bypass code will expire. After this time elapses, the user can't use the bypass code.
- If you don't want the bypass code to expire, then click Never Expires.
- In the Bypass Code can be used region of the Generate Bypass Code window, specify how often the bypass code can be used.
- If the bypass code can be used only one time, then click Once.
- If the bypass code can be used for a finite number of times, then click the button to the left of the text box. Enter a number in the text box that represents how many times the bypass code can be used.
- If the bypass code can be used for an unlimited number of times, then click Unlimited.
- Click OK.
- In the Bypass Code window, click Email. A notification is sent to the user. This notification contains the bypass code that the user uses as a one-time 2-Step Verification method to log in to Oracle Identity Cloud Service.