Administrators should have a spare security key—Administrators should enroll more than one security key for their administrator account and store it in a safe place.
Save backup codes ahead of time—Administrators and users should generate and print backup codes in case they’re needed in the future. Keep backup codes in a secure location.
Set up an additional administrator—If an administrator can’t sign in to their administrator account, another administrator can generate backup codes for them.
If security keys are required, set up a grace period—When you set up 2SV enforcement, define a 2-step verification policy suspension grace period. Users can enter a backup code for 2SV during the grace period.
Pages 1