Is there any way for SSPR to support the ability for end-users to unlock
their account if they've locked it via an intruder lock detection? I
know that if linked to NMAS an intruder lock will lock both the password
and challenge-response authentication methods but is there some way this
can otherwise be done securely (without creating a security hole)?
Any suggestions are appreciated.