# A Bypass Code Was Used To Successfully Sign In

Detects use of bypass codes to sign in instead of MFA. Bypass codes are issued when a user has lost their phone or asks for temporary access. Users should not be assigned bypass codes or run in bypass mode.

**Recommended Actions**

Open a ticket to investigate if the use of bypass code was legitimate. Revoke the bypass code if possible and consider updating internal policies to block bypass codes with no expiration date or usage count.

**Compatibility**

[Duo](/integrations/duo-security-integration.md)

[Microsoft Entra ID](/integrations/azure-active-directory-integration.md)

&#x20;\ <br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.oort.io/understanding-check-failures/oort-insights/identity-threat-detection-insights/a-bypass-code-was-used-to-successfully-sign-in.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.