Break-glass emergency access
Use only when normal Admin OTP/MFA login is unavailable during an active incident.
- Session lifetime is 15 minutes maximum
- Every issue and revoke is written to admin audit logs
- Incident ID and reason are required
- The master secret is never stored in a browser cookie