Multifactor Authentication NCDIT Technical Support What Is Multifactor Authentication? Multifactor authentication is a security enhancement that requires you to take an extra step when using your username and password to log in to an account. Generally, this involves confirming your login by entering a security code (sent to you via text message) or by using an authenticator app installed on your mobile device. Before Seeking Help The information on this page can address many issues users have with setting up or using multifactor authentication with state of North Carolina services and applications. If you still need assistance after reviewing this page, contact your agency's help desk or NCID administrator. Before seeking help, here are some helpful tips if you are having trouble logging in: Double-check the spelling on the email address you have entered. Double-check the spelling on the password you have entered. Double-check to make sure you are using your state-issued email address OR firstname.lastname@example.org if you do not have a state-issued email address. Double-check to make sure you are using your state-issued email password OR your NCID password (if using an email@example.com email address.) Capture a single screenshot of the error message you are receiving. This will be helpful in troubleshooting your issue. Signing in Using Multifactor Authentication Getting Help What is an NCID administrator? NCID administrators are state and local government employees who manage the user accounts that people in their agencies use to log in to state websites and services. Administrators set up accounts for new employees in their organizations, close or transfer accounts when employees leave and provide the necessary technical support users need. What if I do not have my mobile device with me? If you do not have your phone with you, try authenticating using your secondary, or backup authentication method. If the backup method is not available, contact your agency’s helpdesk or contact the NCID administrator for your agency or organization. What if I lose my mobile device? If you lose your mobile device, contact your NCID administrator as soon as possible. I still need help with MFA. What do I do? If you still have issues with multifactor authentication, first review Microsoft’s MFA Troubleshooting Page. If you still need help, contact your NCID administrator. Before you contact your agency’s help desk or NCID administrator, here are some helpful tips if you are having issues logging in: Double-check the spelling on the email address you have entered. Double-check the spelling on the password you have entered. Double-check to make sure you are using your state-issued email address OR firstname.lastname@example.org if you do not have a state-issued email address. Double-check to make sure you are using your state-issued email password OR your NCID password (if using an email@example.com email address.) Capture a single screenshot of the error message you are receiving. This will be helpful in troubleshooting your issue. Setting up Multifactor Authentication How do I enroll in MFA? Most North Carolina state employees have already enrolled in multifactor authentication or will enroll as part of current efforts to enable MFA for the Integrated HR-Payroll System. Generally, new employees will be enrolled as part of their onboarding process. State employees who have not enrolled, as well as other authorized users of state applications using MFA may register using the Microsoft authenticator website, where they must choose a primary and secondary authentication method. What are my authentication options? Users must choose a primary and secondary authentication method when registering for MFA. Current options are outlined in the table below. Verification Method How It Works Additional Details Microsoft Authenticator App Microsoft sends a push notification, prompting you to authenticate your login, to the Microsoft Authenticator app on your mobile device. This is the most secure method and is recommended by NCDIT to serve as your primary authentication method. Phone Microsoft sends a text message to or calls the mobile phone you have registered. For a text message, you receive a six-digit code that you input to complete the authentication process. For a phone call, you are prompted to select “#” after answering the call to complete the authentication process. NCDIT recommends this method as a backup to help you access your account in case you forget or lose your mobile device. Office Phone You receive a call to your office phone number and are prompted to select “#” after answering the call to complete the authentication process. This option is recommended by NCDIT only if your office phone is your only option for authenticating your logins. Alternate Phone This option is not supported by the state of North Carolina. Email This option is not supported by the state of North Carolina. Security Questions This option is not supported by the state of North Carolina. How do I set up the Microsoft Authenticator App on my phone? To set up the Microsoft Authenticator app on your mobile device, view this setup video from the N.C. Office of the State Controller. Note: Depending on your browser settings, you might be prompted to download the video to your device. How do I change or update my authentication method? You can update or change your authentication method at any time at the Microsoft authenticator website. Learn more about how to make changes. Can I use my personal mobile device to set up MFA? Yes, you can use a personal mobile device to set up MFA. Why Multifactor Authentication? What is multifactor authentication (MFA)? Multifactor authentication (MFA), sometimes known as two-factor authentication, is a security enhancement that adds another layer of security to your online account, beyond your username and password. It combines two or more methods (or factors) of authentication from independent categories of credentials to verify your identity for a login or other transaction. Learn more about MFA from: Microsoft U.S. Cybersecurity Infrastructure & Security Agency Why has the state of North Carolina implemented MFA? As the state of North Carolina continues to improve security to protect state data, more and more applications used for state business will begin employing multifactor authentication. Applications and services, such as the HR Payroll System and Microsoft, currently use MFA. Government entities are a prime target of cybercriminals and hackers looking to steal data or even cripple government infrastructure, which is critical in providing services to the people of North Carolina. Combined with practicing good cybersecurity habits when checking email and using the internet, MFA increases the security of your accounts and state data, even if your password is hacked. How often do I have to authenticate? You must authenticate each time you are prompted to log in to an application using MFA.