Recovering After Replacing a Lost Device

If you register a device with AM and then lose it, you must authenticate to AM using a recovery code, delete the lost device, and then register the new device. Perform the following steps:

To Register a New Device After Losing a Registered Device

  1. Log in to AM.

    If push authentication is enabled, enter your user ID, click Log In, and then click Use Emergency Code. If one-time passwords are enabled, when prompted to enter a verification code, instead enter one of your recovery codes.

    Because recovery codes are valid for a single use only, make a note to yourself not to attempt to reuse this code.

    If you did not save the recovery codes for the lost device, contact your administrator to remove the registered device from your AM user profile.

  2. Select Dashboard from the top-level menu.

  3. Locate the entry for your phone in the Authentication Devices section, click the context menu button, and then click Delete.

  4. If you have not already done so, install the ForgeRock Authenticator app on your new phone.

  5. Register your new device. See Registering the ForgeRock Authenticator for Multi-Factor Authentication.

Users who do not save recovery codes or who run out of recovery codes and cannot authenticate to AM without a verification code require administrative support to reset their device profiles. See Resetting Registered Devices by using REST for more information.