Multi-Factor Authentication (MFA) - Information Technology Services

What is Multi-Factor Authentication (MFA)?
Multi-factor authentication, or MFA, is the process in which a user accesses a computer system or software application using at least two forms of authentication to login. The forms of authentication are often described as using, “something you know”, “something you have” and “something you are”. One factor is typically logging into a system with a username and password (something you know). The second factor can be the use of a cell phone app or hardware token (something you have) or, in some cases, the use of a fingerprint or retinal scan (something you are). Without at least two forms of verification, the login will fail.
Why does CI need MFA?
Attacks on CI data are becoming more sophisticated every day. MFA will provide an additional layer of protection to safeguard your CI identity. As identified in the Information Security 2012 audit, a finding was identified along with the recommendation for additional security and access to systems.
What does MFA mean for me?
Information Technology Services (ITS) staff can assist you in registering with CI's authorized MFA provider. The registration takes only a few minutes and can be done in-person or over the phone. You'll need a token/fob (provided by ITS), smartphone, or phone number that you can be reached at (voice call). After MFA is set up, you'll use the smartphone, token/fob, or phone (voice call) to log-in to the protected service. The initial implementation of MFA at CSUCI is designed to protect access to myCI and myCI connected system. Additional systems will be included to require MFA authentication as recommended by Information Security.
If I have the MFA application on my personal phone, does that give the University access to or use of my phone?
No. The MFA mobile application does not have any more access to your phone than any other mobile app, and it cannot read your e-mail, track your location, or see your browser history. The MFA mobile application also cannot remotely delete anything from your phone. During the installation of the mobile application, you will need to grant the app permission to send push notifications to your phone.
How do I register with the University approved MFA?
Instructions to install the MFA mobile app for CI.
*** Please note, at least two (2) methods of authentication need to be setup when you register. This could be your mobile device and a taken, a token and your (unshared) desk phone, or a token and your mobile phone (to call).
Where do I pick up a token?
After you have completed your MFA registration you may pick up a tokens from Anderson Hanchett at the Solution Center located in Broome Library 1350 at the following times:
Monday through Friday between the hours:
- 8:00 AM and 11:30 AM
- 1:30 PM and 5:00 PM
*** A photo ID is required when picking up tokens.
FAQ's
FAQ's regarding 2FA at CI.