Multi-Factor Authentication (MFA)
What is Multi-Factor Authentication (MFA)?
Multi-Factor Authentication (MFA) refers to an additional layer of security that is added to the login process.
MFA relies on two forms of authentication: something you know, and something you have with you. The something you know is your password. The something you have with you can be a mobile device or hardware token. This means that even if your password is hacked, your account will remain secure.
Who is will be impacted by MFA?
MFA is required for all employees starting May 4, 2022. However, anyone can self-enroll for added security benefits.
How do I enroll in MFA?
For more information on self-activating MFA for your account now, see Enabling Multi-Factor Authentication.
What are my authentication options?
You will be able to choose a primary authentication method when you register, which you can change or update at any time. Information Technology recommends using a mobile authenticator app such as Google Authenticator or Microsoft Authenticator as they provide a better user experience. Current options are outlined below:
|
Verification Method |
Description |
|
The Mobile Authenticator App will generate a new One Time Password (OTP) every minute. You will be asked to enter the most current verification code in the sign-in screen |
|
|
Text Messages |
A text message with a 8-digit code is sent to your mobile device that you will input to complete the authentication process |
|
|
An email with a 8-digit code is sent to your third party email address that you will input to complete the authentication process |
|
MFA Key |
MFA Keys are USB keys that are designed to generate random OTPs without the use of any other technology or device. An MFA Token can be plugged into the computer and with the press of a button an 8 digit code is typed automatically. IT Has ordered a number of MFA tokens for employees wishing to use them and they will arrive near the end of April. |
How do I change my Default OTP Delivery Methods?
You may select which MFA (Multi-Factor Authentication) method (i.e. Email, Phone, Mobile Authenticator, etc.) you would like to set as the default to automatically receive your OTP (One-Time Password).
How can I change the OTP delivery method when I am logging in?
When you are logging in and you are prompted to enter your OTP (One-Time Password), you can change the delivery method to any of your pre-configured MFA (Multi-Factor Authentication) options that you setup earlier.
How to I stop Canyons ID from prompting me for an OTP (One-Time Password) every time I login?
If you are on your personal device and not on a public or shared device, when you are prompted to provide an OTP when logging in to Canyons ID, you may check the “Remember this device?” checkbox.
NOTE: If you have checked the "Remember this device" option and you continue to be prompted for OTPs, understand that this feature relies on the use of web browser cookies. If your browser is configured to reject or not save cookies, this feature will not work and you will continue to be prompted for OTPs.