When configuring AAA login authentication on CISCO routers, which two authentication methods should be used as the final method to ensure that the administrator can still log in to the router in case the external AAA server fails?