Multi-Factor Authentication at UMass


What is Multifactor Authentication (MFA)?

  • Multifactor authentication strengthens access security by requiring two or more methods (factors) to verify your identity.
  • These factors can include something you know - like a username and password, plus something you have - like a smartphone app to approve authentication requests

The goal of MFA is to create a layered defense and make it more difficult for an unauthorized person to gain access.

Watch this video to learn more:


Why are we implementing MFA?

  • Implementation will protect the University against data breaches by ensuring only legitimate users and appropriate devices have access to sensitive data and applications - anytime, anywhere
  • Implementation will also protect employees. As employees our sensitive data lives in the University’s enterprise systems. Our personal data (social security numbers, bank accounts, and tax forms) will be more secure.

So, what does this mean to me as an employee?

  • HR Direct will be protected at “the front door”
  • When logging in, users will enter in their user name and password
  • Established risk factors behind the scene will determine when & if a second factor is needed
  • If needed, you will be prompted for a second factor which will be delivered according to the option you choose
    • SMS Text Message
    • Duo Security App installed on a smart phone
    • Phone call to cell phone or land line

When will MFA go live?

MFA will go live in Summer 2017 for the Amherst, Dartmouth, Lowell, & Medical School campuses as well as the President’s office. The Boston campus will go live in the Fall of 2017.