Use of Alternate Authentication Factor (AC-7(4))

Allow the use of [organization-defined] that are different from the primary authentication factors after the number of organization-defined consecutive invalid logon attempts have been exceeded; and Enforce a limit of [organization-defined] consecutive invalid logon attempts through use of the alternative factors by a user during a [organization-defined].