Multi Factor Authentication

Page updated: 16/05/2023

You are invited to register for MFA today

We are taking extra steps to prevent unauthorised access to your account by adding an additional step to verify your identity. The verification process is called authentication and is currently done with a username and password.  Usernames can be discovered easily and a recent increase in phishing emails designed to steal passwords means that there is a high risk of your password getting into the wrong hands.  To help prevent cyber-criminals from obtaining your password and accessing your account we are enabling Multi Factor Authentication, or MFA.

Multi Factor Authentication is more secure than just a password because it relies on two forms of authentication:

  • Something you know – your password.
  • Something you have - a mobile phone.

 

*Important MFA Information for People Managers: ICT Services will be enforcing MFA registration for all new users from the 31st of October

  • New users will automatically be asked to register for MFA when they log in to their new device for the first time, this will be explained to the user when ICT Services provide them with their username and password.

 

What are the benefits of enrolling in MFA?

The benefits of enrolling in MFA are that it helps protect your Carmarthenshire County Council Identity (your account) against phishing, social engineering and password brute-force attacks and prevents logins from attackers exploiting weak or stolen credentials. These types of hacks are on the increase and your account may be targeted by cyber criminals wanting to exploit the information you have access to or gather further information about you for a targeted social engineering attack. 

A cyber-criminal or hacker will not be able to log in to your account just by knowing your password – they will also need to have your mobile phone.  This significantly reduces the risk of someone pretending to be you, accessing your account and data, and carrying out further cyber-attacks using your identity.

What MFA is not?

Using your own device for MFA is not the same as having access to 'your work' on your own personal device. Your smartphone is purely used as a form of identification, to confirm 'you are who you say you are'. This can be done by installing the Microsoft Authenticator app, or by sending you a text message with a one-time security code. This process is the same used by online banking when they want you to confirm your identity when logging on to your bank account. 

To use the MS Authenticator app on your personal mobile device, you will need to ensure that the most recent software updates have been installed.

If you cannot install the authenticator app, you can use the alternative method of receiving a one-time passcode via text message. Your personal mobile number is entered into the ‘Security Information’ area on your works Office 365 account, via the https://myaccount.microsoft.com/ link.

Admittance to your 'Office 365 - My Account', is only accessible by entering your CCC login credentials, and once enrolled in MFA, by also approving the notification via the MS Authenticator app or entering the text message one-time passcode.

If your mobile device is changed, lost or stolen, you will need to ensure your MFA information is updated. The below ‘Update Your MFA Security Information’ guide will show you how.

Self Service Password Reset (SSPR)

An additional benefit of enrolling in MFA means you are also enrolled in SSPR. So, if you ever need to reset, unlock, or change your password you can do so via the following three methods.

  1. Via the “Reset Password” link underneath the password field on the Windows 10 logon screen.
  2. By visiting https://passwordreset.microsoftonline.com from a web browser on any corporate device.
  3. Via the MS Authenticator App

Please note: You can only use this option if you know your current password.

  1. Open the MS Authenticator app (you may also need to enter your phone pin)
  2. Click on your email address on the screen
  1. Choose the Change password option
  2. The Change Password screen will open
  1. Enter your old password in the first box
  2. Then enter your new password in the second box.
  3. Re-enter your new password in the third box, to confirm your new password.
  4. Click on the Submit button and wait for the following message:

Please wait a few minutes

We’ve changed your password successfully………

  1. Once the message has displayed you can click on the cross on the top left of the screen and use your device as normal.

Tips on creating a strong password

  1. Click on the ‘Register Here’ link provided in the email or go to https://myaccount.microsoft.com/
  2. Sign in with your CCC e-mail address and password.
  3. Select Security info from the left navigation pane and then select Add method from the Security info page.