Manage locked-out user accounts
On the Users page, you can identify users whose accounts were locked-out. The account lockout may happen when, for example, the user consecutively enters incorrect passcodes a number of times exceeding the maximum allowed number of failed login attempts. You can set this rule including the number of allowed login attempts and the lockout duration in your global policy.
You can contact the locked-out user to learn about the problem and confirm the user's identity. If the log-in attempt is legitimate, you can generate the bypass code that will help the user to access the protected resources.
This procedure gives you a summary of actions that you can perform to support the locked-out user.
How to
-
In the Enterprise Center navigation menu, select Multi-factor Authentication > Identity & Users > Users.
-
Users whose accounts were locked-out are marked with a red padlock. To view the detailed information, click the username and display the user profile.
-
You can contact the user to check the reason for the lockout.
-
If the login attempt seems suspicious, you can immediately deactivate the user's devices to block their access. See activate and deactivate user's device.
-
If the login attempt is legitimate, you can generate a bypass code to enable the user to enroll a new authentication device.
-
Updated almost 3 years ago