As part of our efforts to keep the Commonwealth safe and secure, we are turning on multi-factor authentication (MFA) for Commonwealth personnel to access files and applications when off the Commonwealth’s secure network. MFA is a secure authentication method that requires users to enter two pieces of information when they login:
1. One they know - like a password
2. One they don't know - like a PIN they receive on their mobile device.
MFA is a critical pillar of the Commonwealth’s cybersecurity program – namely stopping phishing attacks and unauthorized access by users who have obtained the login details of Commonwealth employees.
Personnel will be prompted for MFA when when they try to login to Office 365 apps, including Outlook, outside of the Commonwealth’s networks, from personal AND Commonwealth issued devices. For most users, this will be when they try to access Commonwealth emails from home.
Users must complete a one-time set up to sign up for MFA. See below for set-up instructions and all MFA resources.