Recover after replacing a lost device
If you register a device with AM and then lose it, you must authenticate to AM using a recovery code. After deleting the lost device, you can register a new device.
Access the list of recovery codes you saved when registering the lost device.
If you did not save the recovery codes when you registered the device, contact your administrator to remove the device from your user profile instead of following these steps.
Administrators can refer to Reset registered devices using REST for details.
Begin to sign in as you normally would.
When prompted to use a multi-factor option, click the Use Recovery Code link.
Enter the recovery code when prompted.
Because recovery codes are valid for a single use only, remove the code you used from your list.
AM lets you sign in to access your profile page.
Browse to Edit Your Profile > 2-Step Verification > Change.
The UI displays the list of the registered devices.
Delete the lost device from your profile.
Register your new device by signing out, then accessing the protected resource that requires MFA.
When registering for push notifications or one-time passwords, refer to The ForgeRock Authenticator application.