Suppress Auth Codes Globally
The use of Authorization (i.e. Auth Codes) adds an extra level of security to either self-service or centralized workflows.
Auth codes can either be given directly to the user by the administrator, security, or help desk personnel, or they can be emailed to the user.
Upon receipt, the user is required to input the Auth Code in the User’s Portal before initiating any tasks for which another authentication method is not available (e.g. when entering a “New Credential” or “Reset All Credentials” workflow).
Auth Codes can be enabled or disabled globally.
Self-service is possible even with auth codes enabled and does require that the system is properly configured to communicate with an SMTP server. If the user requests a self-service workflow that would normally require an auth code, the option to e-mail the auth code directly to the user is available.
This process is similar to how many online systems offer password retrieval or other security information transmissions. In this way, by virtue of the user having access to his or her email account, it is still possible to provide a more secure self-service, and not require the burden of administration.