Viewable by the world

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 55 Next »

What is Multi-Factor Authentication? 

Single factor authentication, such as typing a password, is increasingly insufficient protection for online accounts. The combination of phishing, malware, and brute-force guessing present a formidable threat to single factor authentication.  

Multi-Factor Authentication (MFA) requires more than one factor to authenticate.  Most commonly, MFA requires typing a password (first factor) and entering a one-time code (second factor) generated by a device, such as Google Authenticator on your phone.   With MFA, an attacker will not be able access your account simply by knowing your password.  The attacker must also have the device capable of generating a code, a much more difficult tasks.  

How to use MFA at Berkeley Lab?

Most people already use MFA at Berkeley Lab and/or to secure their personal accounts. 

When using MFA at Berkeley Lab, after entering your username and password you will be prompted for a one-time code, as follows:

     


If you are a member of an Operations division, MFA was required to login Berkeley Lab enterprise applications (Gmail, LETS, FMS, etc.) in May 2018

If you are a member of a Scientific division, you can opt-in to use MFA for Berkeley Lab enterprise applications beginning September 2018.

MFA Frequently Asked Questions (FAQ) 

  1. How do I opt-in to MFA?
  2. How can I manage my Google Authenticator MFA tokens?
  3. How do I manage my Yubikey MFA tokens? (Operations Only)
  4. I lost my MFA token and can't login?

Other MFA resources


If you have questions regarding MFA enrollment, please submit a help ticket or contact the IT Help Desk at 4357. 





  • No labels

Was this site useful for you? Do you have any feedback or suggestions? Please click here to send your comments about this FAQ to IT.