FAQ: MFA for General Devices

FAQ Index


    If I do not use ANY type of cell phone, iPad, computer, laptop to access State Services remotely, do I need to setup MFA methods?

    Answer: It is not mandatory to have MFA methods setup; however, it is encouraged to setup authentication methods to ensure you have access to State of Illinois resources outside the network should it be needed.

    If I use WINDOWS equipment to access State Services remotely such as a PC, laptop, surface, etc.., does this apply to me. If so, how would a WINDOWS user follow the instructions for equipment other than a Phone?

    Answer: If a user accesses State of Illinois resources outside of SOI on any platform, they will be challenged for their authentication methods. For example, if a user logs into webmail on a Windows PC at home, they will be challenged. If they have not setup authentication methods, they will NOT be able to access their data. So it is best to setup your methods. This is best done from your state workstation.

    If I do not own a personal mobile phone or prefer not to use my personal phone to receive text, can I still be setup for MFA?

    Answer: If you have a home land phone #, you can use this as an authentication method. When you are alerted for an authentication you will receive a phone call, and it will provide you the code to enter for your authentication. You could do the same for a mobile phone (have it call you instead of texting). Note: setting up your Office phone as an authentication method will have no effect, since you will not need to authenticate while in the office and will not have the phone available when away from the office.

    Does this pertain to everyone that may check their work emails from non-work computers or only pertains to those with mobile phones.

    Answer: MFA Pertains to everyone that may check their work emails from non-work computers or personal devices, or any device not connected to the state network. The MFA methods need to be setup.

    What is Multi-factor authentication (MFA)?

     It may also be known as 2 factor authentication. It is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism that involve:
    knowledge (something the user and only the user knows) and possession (something the user and only the user has). A good example of multi-factor authentication is the withdrawing of money from an ATM; only the correct combination of a bank card
    (something the user possesses) and a PIN (something the user knows) allows the transaction to be carried out. Our method will be to supplement your network ID and password with a one-time password or code generated or received by an authenticator,
    such as your smartphone which only you possess.

    Just to double check-I use CITRIX when working from home so it is my understanding I do not need to make these changes, correct?

    Answer: Yes, that is true; however, it is encouraged to setup authentication methods to ensure you have access to State of Illinois resources outside the network should it be needed.