Two-factor authentication is rapidly becoming the standard for banks, credit unions, online shopping accounts and other organizations to make sure the individual accessing the online accounts is, in fact, the person who created and is responsible for that information.
myPay, the online pay management application for military members, military retirees and many federal civilian employees is preparing to launch two-factor authentication as an added layer of security for users who depend on their accounts for pay information, important tax documents and to make changes to their online profiles.
Initially, myPay’s two-factor authentication function will be offered as a voluntary option. According to myPay officials, the function will become mandatory for all myPay customers sometime in 2021.
How it works
Beginning in October, myPay users will be greeted with a message when logging in, offering two-factor authentication. Those who choose to add this feature will select a method to receive their one-time PIN each time they login into myPay using their ID and password. A “remind me later” option will also be available.
Once activated, a customer will receive the one-time PIN via their choice of email or text message. The PIN will remain effective for 10 minutes, so it is important that the customer has access to email or their smartphone to retrieve the PIN and enter it on the myPay login screen. Once entered, access is provided to the myPay account.
Many myPay customers can use their CAC or PIV smart cards instead of the login ID and password. While they can opt-in for two-factor authentication for those times when they access their accounts away from their CAC or PIV-enabled computers, two-factor authentication will not activate when using a smart card.
Account holders can set two-factor authentication and update their preferred email address or phone number for receiving one-time PINs in the Personal Settings menu at any time. Changes require validation by entering the one-time PIN.
How important is it?
There are many examples and explanations of online security precautions available today. For myPay customers who rely on the ability to change and monitor their pay accounts and retrieve information when they need it, that security becomes vitally important.
According to the myPay program manager, “Along with financial institutions and government agencies, we’ve been warning customers to take care of their online presence at least as well as they do their homes, families and belongings. Rolling out two-factor authentication for myPay puts us on par with some of the most security-conscious organizations in the world, such as the IRS.”
The Internal Revenue Service now requires multi-factor authentication for remote access to Federal Tax Information (FTI). According to the IRS website, “Multi-factor authentication decreases the probability that the requestor is not the person who he says he or she is.” The number of factors is important, as it implies a higher probability that presenter of the identity evidence is who they claim to be.”
myPay’s new two-factor authentication meets the IRS standard to ensure accounts are only accessible to a verifiable account owner.
Get with the program
Even myPay customers who login one time a year benefit from two-factor authentication when they keep their login ID and password secure from potential thieves by adding the additional security validation of the one-time PIN during login.
If users do not opt-in the first time they access myPay after two-factor authentication becomes available in October, they will receive reminders every 90 days when revisiting the site.
According to DFAS officials, two-factor authentication adds to the partnership between the agency and its customers that is necessary to protect personally identifiable information and individual financial records. All myPay account holders are encouraged to opt-in now rather than waiting for the mandatory launch date next year.
Original Source: dfas.mi
Leave a Reply
You must be logged in to post a comment.