Page tree
Viewable by the world
Skip to end of metadata
Go to start of metadata

The following page outlines the options if you cannot authenticate with MFA, most commonly due to a lost phone, phone reset, or new phone.

These options are intended to be used infrequently for emergency situations only.

These options are NOT to be used on a regular basis to avoid MFA

This will only work if:

  • You already have your Notification Information setup and is up-to-date
  • You have not change your LDAP password with in the past 14 days
  • You have access to the email you provided in the Notification Information
  • It is recommended to do this using Google Chrome in Incognito Window. Other browser/mode may give you glitches and/or false positive errors. So be sure to use Google Chrome in Incognito mode
    1. Go to https://identity.lbl.gov/bypass/
    2. Setup new MFA token with Google Authenticator

      If you have successfully activated the bypass in step a, but you are still getting asked for the One Time Passcode (OTP). Close out of the browser and relaunch into Google Chrome in Incognito mode and try step b again

If you get any error message during the process. Submit a ticket to [email protected] and include:

  • A screenshot the error message you are getting 
  • Your Berkeley Lab username
  • Your Berkeley Lab employee ID number
  • Phone number you can be reach at

IT Support Services will get back to you