Access control and bypass codes

To be useful, an intrusion alarm system is deactivated or reconfigured when authorized personnel are present. Authorization may be indicated in any number of ways, often with keys or codes used at the control panel or a remote panel near an entry. High-security alarms may require multiple codes, or a fingerprint, badge, hand-geometry, retinal scan, encrypted response generator, and other means that are deemed sufficiently secure for the purpose.

Failed authorizations should result in an alarm or at least a timed lockout to prevent "experimenting" with possible codes. Some systems can be configured to permit deactivation of individual sensors or groups. Others can also be programmed to bypass or ignore individual sensors (once or multiple times) and leave the remainder of the system armed. This feature is useful for permitting a single door to be opened and closed before the alarm is armed, or to permit a person to leave, but not return. High-end systems allow multiple access codes, and may even permit them to be used only once, or on particular days, or only in combination with other users' codes (i.e., escorted). In any case, a remote monitoring center should arrange an oral code to be provided by an authorized person in case of false alarms, so the monitoring center can be assured that a further alarm response is unnecessary. As with access codes, there can also be a hierarchy of oral codes, say, for furnace repairperson to enter the kitchen and basement sensor areas but not the silver vault in the butler's pantry. There are also systems that permit a duress code to be entered and silence the local alarm, but still trigger the remote alarm to summon the police to a robbery.

Fire sensors can be "isolated", meaning that when triggered, they will not trigger the main alarm network. This is important when smoke and heat is intentionally produced. The owners of buildings can be fined for generating False alarms that waste the time of emergency personnel.