Viewable by the world

Purpose of Knowledge Article:

Guide to activating emergency bypass MFA if you cannot authenticate with MFA, most commonly due to:

  • Lost your phone
  • Lost the MFA token
  • Phone got reset
  • Got new phone
  • MFA token no longer works (out-of-sync)

Emergency MFA bypass is to be used infrequently for emergency situations only.

Emergency MFA bypass is NOT to be used on a regular basis to avoid MFA

Resolution:

This will only work if:


  • Be sure to do step 1 and step 2.
  • If you have successfully activated the bypass in step 1, but you are still getting asked for the One Time Passcode (OTP). Close out of the browser and relaunch into Google Chrome in Incognito mode and try step 2 again.
  1. Go to https://identity.lbl.gov/bypass/ and follow the on-screen instructions to set up an MFA bypass
  2. Set up a new MFA token with Google Authenticator.  See Install Google Authenticator and Setup MFA for instructions.
    If you already have Google Authenticator on your phone, you will just need to Add a new MFA token.


If you get any error messages during the process. Submit a ticket to [email protected] and include the following:

  • A screenshot of the error message you are getting 
  • Your Berkeley Lab username
  • Your Berkeley Lab employee ID number
  • The phone number you can be reached at

IT Support Services will get back to you