UserLock Documentation
UserLock Documentation

UserLock Frequently Asked Questions

Can users have access to Recovery codes if they do not have access to their smartphone or token?

Yes, in the advanced setting (accessible by pressing F7 in the console where the service is installed) you can use the settings “MfaRecoveryCodeCount” and “MfaRecoveryCodeEnabled” to activate the setting and select the number of recovery codes the user will receive.

By default, this setting is set to “False”. When changing it to “True” any users who have not yet enrolled in MFA will be provided with the number of recovery codes entered in “MfaRecoveryCodeCount” (10 by default). They are displayed immediately after a user has enabled MFA.

Each code can be used only once. To generate new recovery codes for a user, you will need to reset their MFA key. They will then receive the codes when prompted to reconfigure the MFA.