Multi-Factor Authentication (MFA) is a process that provides additional security when accessing a software service on a computer or system. It requires multiple forms (or “factors”) of authentication prior to granting access. The first authentication factor is typically logging in with your username and password. The second factor is usually an additional step of authentication that’s completed with a device you have, such as a smartphone or a special fob or token.
The goal of MFA is to create a layered defense, making it more difficult for an unauthorized person(s) to access our protected system. Passwords are increasingly easy to compromise, and malicious e-mail scams are harder to recognize. As threats to our systems become more sophisticated, Channel Islands must adapt to provide better security and protection for our data assets and applications.
MFA is currently in active use by students and employees accessing systems through the myCI portal. Over time, MFA will secure other protected applications and entry points to university systems.
You will need to use MFA for each new browser session. After you have successfully authenticated, the MFA session will last twenty-four hours or until you close your browser.
Using the MFA app on your smartphone is typically easiest and the most secure method. Most users have their phones within reach, making it very convenient. As an alternative, fobs/tokens will be made available to those who do not choose to use their personal smartphone or who don’t have a smartphone.
For iPhones (iOS), you can download and install the app from the Apple Store:
Android users can download and install the app from the Google Play Store:
After the app has been installed on your phone, ITS can assist you with device registration.
No. MFA does not have any more access to your phone than any other app. It cannot read your e-mail, track your location, or see your browser history. The MFA mobile application cannot remotely delete anything from your phone. You will, however, need to grant the app permission to send you push notifications during the installation.
Fobs/Tokens will be provided on an as-needed basis as the 2FA service is rolled out at the Solution Center Desk in the Broome Library Room 1350.
Yes, the same process you use at work applies when you are away from the office.
If you are in the office, contact the Shared Services Solution Center at solutioncenter@csuci.edu to request assistance. They will assist you with the steps needed to use your new or temporarily assigned device and de-register the old one.
If you are working remotely, we can provide one-time codes that may be used ONLY one time with the Duo login interface in lieu of a phone or fob/token. These one-time codes will either be distributed on your work telephone voicemail or by phone, depending on which is most secure.