Providing they know the admin userid and password. Admin sessions don't use the PASSWORDACCESS GENERATE. A good reason to either lock, delete or change the default ADMIN/ADMIN userid in TSM.