Changing the failmode parameter for multifactor authentication
The failmode parameter determines how the system responds if a user logs into the system when multifactor authentication is enabled, but the authentication server is unavailable. Failmode setting can be managed by command-line interface (CLI).
Use the failmode parameter in the chauthmultifactorverify command to set one
of the following values:
- secure
- When the authentication server is unavailable, specify this value to prevent any user with multifactor authentication enabled from accessing the system. When a user logs into the system, the login attempt fails.
- insecure
- When the authentication server is unavailable, specify this value to allow any user with multifactor authentication enabled to access the system. When a user logs into the system, the login attempt succeeds.
chauthmultifactorverify -failmode secure
Enter the
following command to allow access to the system for user with multifactor authentication
enabled:chauthmultifactorverify -failmode insecure