Multi-Factor Authentication FAQs



Similar documents
Setting Up and Accessing VPN

Step 1. Step 2. Open your browser and go to and you will be presented a logon screen show below.

How Do I Log Into Mobile Banking?

Two Factor Authentication (TFA; 2FA) is a security process in which two methods of authentication are used to verify who you are.

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation

Multi-Factor Authentication Job Aide

Security Upgrade FAQs

Initial DUO 2 Factor Setup, Install, Login and Verification

The University of Texas Rio Grande Valley. Network Security. Create a Virtual Private. Network (VPN) Connection. Network Security How-to:

These Frequently Asked Questions include information about both the Remote Identity Proofing (RIDP) and

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication

Business Banking Customer Login Experience for Enhanced Login Security

Multi-Factor Authentication for first time users

Remote Access End User Reference Guide for F5 Edge VPN Client Access

Security Upgrade FAQs

Spring Hill State Bank Mobile Banking FAQs

Cisco AnyConnect VPN for: Windows 8

What does the First Mobile app do for me? What else can I do with the mobile banking app beyond the basics? Why should I use the mobile banking app?

ADDING STRONGER AUTHENTICATION for VPN Access Control

What is Two-Factor Authentication?

Enhanced Login Security Frequently Asked Questions

Two Factor Authentication - USER GUIDE

MOBILE BANKING USER GUIDE

Duo Two-Factor Authentication: Frequently Asked Questions

Akin Gump Strauss Hauer & Feld LLP Remote Access Resources (DUO)

DUO SECURITY CISCO VPN USER GUIDE 1/27/2016

Securing your Juniper SSL VPN with two-factor authentication.

MOBILE BANKING. Why should I use Mobile Banking?

One-Time Password Contingency Access Process

MULTI-FACTOR AUTHENTICATION SET-UP

Mobile Banking Frequently Asked Questions

Mobile and Text Customer Experience Online Banking Training Guide. i 2015 ChoiceOne Bank

Yale Secure File Transfer User Guide

Citrix Remote Access Portal U s e r M a n u a l

STRONGER AUTHENTICATION for CA SiteMinder

Business Online Banking Quick Users Guide

Online Banking Upgrade FAQs

Business Mobile Banking Features

Cash Management 5.0 User Guide

Two-Factor Authentication

Text (SMS) Banking. Access your accounts from any text-enabled mobile phone to view balances and transaction history.

SysAid MDM User Guide for ios

Remote Access Securing Your Employees Out of the Office

Online Services User Guide

Configure AirWatch for Your Mobile Device

IT Handbook. Contents

Multi-Factor Authentication Reference Guide

Mobile Device Management AirWatch Enrolment ios Devices (ipad, iphone, ipod) Documentation - End User

Two-Factor Authentication User FAQ s

How to use SURA in three simple steps:

Monitoring mobile communication network, how does it work? How to prevent such thing about that?

Multi-Factor Authentication (MFA)

Country Club Bank- Mobile Banking FAQs

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

Galveston College Wireless Network Users Setup Guide Version 1.0

Information Technology Department. Miller School of Medicine New User Guide

MBC WiFi wireless logon: Windows 7 (laptop)

Spectrum Health Virtual Desktop (VDI) (available only to select users at this time)

Frequently Asked Questions About Mobile Banking/Deposit App

Systems Upgrade Information Frequently Asked Questions

Facebook s Security Philosophy, and how Duo helps.

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

Helpdesk

2-FACTOR AUTHENTICATION WITH

Using RD Gateway with Azure Multifactor Authentication

Sophos Mobile Control User guide for Apple ios. Product version: 4

Remote Access End User Reference Guide for SHC Portal Access

Guide to Evaluating Multi-Factor Authentication Solutions

Frequently Asked Questions

Multi-factor authentication

Mobile Online Banking

Flexible Identity. Tokenless authenticators guide. Multi-Factor Authentication. version 1.0

RSA SecurID Token User Guide February 12, 2015

River Valley Credit Union Online Banking

Security in an Increasingly Threatened World. SMS: A better way of doing Two Factor Authentication (2FA)

Member FAQ. General Information: Security:

10 Quick Tips to Mobile Security

Banking at the speed of your life. Online. Mobile. Superior. Safe.

Mobile Iron User Guide

Epic Remote Access for Mobile Devices FAQ and Setup

Enhanced Security for Online Banking

I don t know my Employee Identification Number. How do I get it? Contact LAUSD Personnel, Human Resources, or your Supervisor.

Tips for Banking Online Safely

MOBILE PHONE BANKING MADE EASY.

Coillte IT has recently upgraded the Remote Access Solution to a new platform.

Students Mobile Messaging Registration & Configuration

Basic Citrix Manual. Windows Computers and Laptops. Version 1.3. Created by Joshua Lindemann

New Brunswick Internal Services Agency. RSA Self-Service Console User Guide

Provider OnLine. Log-In Guide

Two-Factor Authentication

Help Desk Self Service Quick Start Guide

How To Use The Bank Of Korea App On Android Or Blackberry Or Ipa (For Android)

How to Use Your RSA SecurID Software Token for Windows XP, Vista, or Windows 7 (For ICIS remote access)

Sophos Mobile Control User guide for Apple ios

Multi-Factor Authentication (FMA) A new security feature for Home Banking. Frequently Asked Questions 8/17/2006

Enrolling in Multi-Factor Authentication

How do I contact someone if my question is not answered in this FAQ?

Self-Service, Anywhere

Transcription:

General FAQs What is Multi-factor Authentication (MFA)? Multi-factor authentication (MFA) seeks to decrease the likelihood that others can access your data. Specifically, it enhances the security of your NetID by using your phone, tablet or other device to verify your identity when you attempt to access Yale's network and resources from an off-campus location. It takes two items to access and update your information: something you know (like your password) and something you have (like your phone). For example, when you visit an ATM, one authentication factor is the ATM card you use to start the transaction - that s the something you have. Next, you enter a PIN, which is the something you know. Without both of these factors, your authentication will fail. Why Do I Need to Use MFA? Passwords are becoming increasingly easy to compromise. They can be stolen, guessed, and hacked, and new technology and hacking techniques combined with the limited pool of passwords most people use for multiple accounts means information online is increasingly vulnerable. You might not even know who else has your password and is accessing your accounts. In addition, experience has shown that people are not as good at recognizing malicious email as you might think. Every day, members of the Yale community fall prey to these kinds of scams. We have to take steps to ensure that we are more than just a single click away from having our paycheck stolen or becoming a victim of identity theft. Multi-Factor Authentication adds a second layer of security to your account to make sure that your account stays safe, even if someone else knows your password. This second factor of authentication is separate and independent from the NetID and password step MFA never uses or even sees your password. Who is eligible to use MFA? The university s implementation of MFA will include all faculty, staff, and students. Am I required to use two-factor authentication? Once your group has been enrolled in MFA, you will be required to use two-factor authentication when logging into the Central Authentication Service (CAS). YaleConnect Outlook Web Application. Or Virtual Private Network (VPN) from an off campus location.

Whom should I contact if I have questions or concerns about the requirement to use Duo? We encourage you to contact us with feedback, or with questions or concerns about the project in general at mfafeedback@yale.edu. You may also contact the ITS helpdesk should you need assistance. Does MFA see my password? No, the university system verifies your Internet password with its internal systems as before, and never sends it to MFA. MFA provides only the second factor the something you have. In fact, MFA stores very little information just enough so it can do its job. What is the definition of Off-Campus? Off-campus is anywhere other than: Yale Secure Wireless Yale Wireless Yale hard wired network There are a few physically / geographically remote offices (medical) which are connected via Aruba Networks however they are considered on Campus and they will see no change. Yale Guest is an off-campus network. Using MFA - FAQs How Does Multi-factor Authentication (MFA) Work? Once you have signed up for MFA, when you attempt to access a protected university application from an off-campus location, you will be prompted to enter your username and password as usual (the first factor ). You will then be taken to the MFA screen where you will select the device of your choice and the preferred method of verification push notification, a phone call, or a passcode you will use to verify that it s you (the second factor ). What Devices Can I Use? MFA lets you link multiple devices to your account, so you can use your mobile phone, a landline, and a hardware token, as your second factor. When you are doing your initial setup, you may add as many devices as you like (landline and/or mobile). Subsequently, when you are logging in you can choose which device the authentication request is sent to and which authentication method you would like (via Duo Mobile App, SMS text message, or phone call).

I ve selected to automatically send push notifications to my phone, but I need to authenticate using another device. If you have checked the box that allows you to send a push to your mobile phone, you will automatically receive push notifications every time you are required to use MFA. The rest of the DUO screen will then be blurred out (as shown below): If you need to push the notification to another device, hit CANCEL at the top right of the screen. This will allow you to authenticate with another previously-registered device. If you no longer wish to receive automatic push notifications, uncheck the box next to Automatically send a push. You can then Log In to your desired page or manage your devices. I ve selected to automatically send push notifications to my phone, but I do not have that number anymore. If you have checked the box that allows you to send a push to your mobile phone, you will automatically receive push notifications every time you are required to use MFA. The rest of the DUO screen will then be blurred out (as shown below):

If you have a new number and cannot receive the push notification sent to that phone, hit CANCEL at the top right of the screen. This will allow you to authenticate with another previously-registered device. Perform your second-factor authentication and select Manage devices. In the Manage devices screen, select the drop down arrow next to the old number. Select Remove device. From here, it is recommended that you register another device to ensure that you always have at least two devices to use for Multifactor Authentication. How do I add a new device? Please refer to the User Guide page 6 for instructions on managing devices and enrolling/registering a new phone, tablet, desk phone. Tokens will be added to your profile by an administrator. How long does it take to enroll/register a device for MFA? 5-10 minutes How many devices can I add? There is no limit on the number of devices that can be added. We recommend that all users add at least 2 devices, such as a cellphone/smartphone and a landline/desk phone. Do I need to have a smartphone to use MFA? No, you can use a smartphone, cell phone, landline (such as your office or home phone), tablet, or hardware token. A complete and up-to-date list of authentication methods is available on

the MFA website. We recommend that users who have a smartphone choose to use them, since they are the easiest to use with MFA. What if I forget my smartphone at home? We encourage users to set up multiple authentication devices with MFA, so that when one method is unavailable, you have others from which to choose. For example, you could set up your smartphone for push and also your office phone and home phone to do callback. What happens if I lose my phone? Contact the ITS Help Desk immediately if you lose your phone or suspect that it's been stolen. The support specialist will disable it for MFA and help you log in using a one-time bypass code. While it's important that you contact the Help Desk if you lose your phone, remember that your password will still protect your account. Does it cost me money to authenticate with my phone? Push authentication uses a very small amount of Internet data traffic to function (a few kilobytes per login). Text messages and voice calls are sent only when you request them, and would be billed by your carrier like any other text message or inbound voice call. The Duo mobile app also works like a token and will generate a passcode, this functionality will not require any data and works when your smart phone is in airplane mode. What if I don t have a data plan on my phone? The Duo smart phone app provides options that work without a data plan, a texting plan or even a connection, if necessary. The app can generate the required code without need of either a cell signal or data plan, and it can do so anywhere in the world. If you have a signal and data plan, the app makes two-factor authentication as easy as a pushing a single button, but if you don t, you can use the app to generate a six digit code and enter that instead. What if I don t have a connection? The Duo Mobile App can generate a passcode without a cellular or wireless connection. Alternately, you may use a landline phone if an internet connection is unavailable or request a MFA hardware token. What is the user experience if you are using your phone or an ipad on a cellular network or on a non-yale wifi network and need to log in?

You will be prompted to MFA since this is considered an off campus network. If the registered device is the same as the one being used to login, the Duo app will notify & prompt for confirmation and users can confirm access the usual way. Alternatively a secondary device can also be used to confirm the MFA How would one log into a CAS-protected resource or webmail on an airplane equipped with wifi? What would the experience be in this situation using a laptop, ipad, or phone? This experience will be the same no matter what off campus location you are trying to log in from. You will be required to authenticate with MFA. In the case where a push or text is not working, your phone will function like a token while in airplane mode generating a passcode every 30 seconds. How can I get a token? Tokens will be issued via the walk-in centers. Users can visit a location, provide identification, and a token will be issued to them. In some cases, tokens will also be issued to IT Partners who can distribute to their local community. Can I use the MFA app internationally? The MFA smart phone app is designed to work internationally. If you install the app, it can generate the required code without need of either a telephone signal or data plan, and it can do this anywhere in the world. If you have a signal and data plan, the app makes two-factor authentication as easy as a pushing a single button, but if you don t have one of those two things, you can use the app to generate a six digit code and enter that manually. Can the system handle international phone numbers? Yes, MFA can handle international phone numbers. If entering an international phone number, you can leave a space between country code, city code, and the phone number. How long will my authentication last? You will be required to MFA every time you log in, when off-campus. This will last for the lesser of your session or 24 hours. You will have the option to remember your device for 1 day with CAS and YaleConnect. This functionality is browser based so you will have to do it in each browser you use.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information