Frequently Asked Questions
UtahID Help
General
What is UtahID?
UtahID is the State of Utah’s identity provider and the standard method of authentication. This provides Single Sign-On, which allows a user to access multiple independent applications with one login session.
I’m receiving an error message that says “UtahID Session Expired”. How do I resolve this?
Make sure that your computer’s clock is set to the right time and that your browser is going to id.utah.gov, not any other site.
Do the SMS/text messages cost me money?
It depends on your cell phone carrier. Contact your provider for more information.
If I update my home or work address in UtahID, will it change it anywhere else?
Updating your home address in UtahID will not automatically change your address in other applications. Please contact the agencies you do business with in order to submit address changes.
How do I recover access to my UtahID account if I no longer have access to my email address or any other MFA methods registered on my account?
If all of your sign-in methods (email and MFA) are not available, you will be required to create a new UtahID with a different email address and different username. If you have not signed in to your account in three years as per the DTS record series retention schedule Single Sign-On public user accounts (UtahID), your account may be deleted.
How do I know if I have an existing UtahID account?
When you enter in a username/email address and your password, and you receive a countdown until the account is locked out, the username entered was valid.
I cannot log in using my username, is there something else I can use?
If you cannot sign in with your username, then try using your email address instead.
Passwords
Click on the “Password Reset/Recovery” button in the header at the top of the page for specific instructions for changing or resetting your UtahID password.
Direct link to Password Reset/Recovery page: dts.utah.gov/idhelp/password-reset/
How do I reset or change my UtahID password?
If you know your current UtahID password and you want to change it, you can simply log in to UtahID, go to Change Password in the Security tab, confirm your current password, and type in a new password.
If you’ve forgotten your password, first go to the UtahID login page and select Forgot Password. You’ll be asked to type in your username/email and your last name. You can receive a one-time passcode (OTP) in a few ways, depending on the contact information you set up in your profile:
- via an email to the primary or backup email address in your profile, or
- via a text to the primary or backup phone number in your profile.
After receiving this OTP, you will be able to reset and create a new password.
When my UtahID account is locked after three failed password tries, how long is the account locked?
UtahID sets lock outs on accounts for 10 minutes after 3 failed attempts that occurred within 10 minutes. With each failed attempt after that, you will be locked out for 10 minutes until the timer runs out.
What are the password requirements?
- The minimum number of characters is eight.
- Your password must include at least 3 of the following character types: Uppercase, Lowercase, Numbers, and Special Characters. An example of a special character is @ or #, among others.
Will the Service Desk reset my password for me?
No. To ensure the security of your identity and credentials, we have multiple options for you to reset your password yourself. If you are unable to reset your password using those options, you’ll need to create a new UtahID.
How often do I need to change my password?
You may be required to reset your password on a set schedule depending on the services you access. This is dependent on the related service.
Validate Email/Mobile Phone
Am I required to validate my email address to set up a UtahID account?
Yes. For security and account maintenance, including password recovery, it is a requirement to validate your email address to set up a UtahID account.
Am I required to validate my mobile phone number to receive text messages?
Yes. For security and account maintenance, including password recovery, you are required to validate an entered mobile phone number to receive text messages.
Two-Factor or Multifactor, Authentication
Click on the “Multi-Factor Authentication” icon for MFA specific instructions for registering the UtahID Authenticator app or Yubikey.
Direct link to Multi-Factor Authentication section: dts.utah.gov/utahid-help/multi-factor-auth
What is MFA?
Multifactor Authentication (often the same as 2FA, or two-factor authentication) is a way of verifying your identity when you sign in. This helps accounts be more secure and harder to hack. This is done by using two or more different ways to login. These methods include:
- something you know (e.g., a password or a PIN),
- something you have (e.g., a cryptographic identification device, a hard or soft token), or
- something you are (e.g., biometric identifiers like your fingerprint or voice).
Source(s): NIST SP 800-53 Rev. 4 under Multifactor Authentication. See Authenticator.
What options do I have for multifactor authentication?
- an SMS text message,
- an email, or
- a UtahID authenticator (mobile app that generates a soft token/code).
- If previously authorized, a security key.
- Security Codes
Why is MFA required?
The State of Utah, by law, is required to protect citizen data. MFA is used as an additional security measure to keep your data safe. It is much harder for someone to gain access to your information if they have to guess your username, password, and another method like a code sent to your phone.
Why am I not receiving MFA codes?
Codes typically arrive within 5 minutes, and are valid for 15 minutes from when they are sent.
Not receiving emails? If you are not receiving emails for MFA codes, check your spam folder. If the problem persists, check with your email provider whether [email protected] is blocked.
Not receiving text messages? If you are not receiving text messages for MFA codes, make sure your phone is connected to the cellular network. If the problem persists, check with your phone provider to see if they are blocking messages from 51740, (256) 973-9690, or (806) 853-6165.
UtahID Authenticator App FAQ
I have an iPhone and I’m having trouble with the UtahID Authenticator app. What’s the best way to fix this?
iPhone users, if you are receiving errors when trying to use the UtahID Authenticator app or if the notification is not being triggered, generally restarting your iPhone will resolve the issue.
What is the UtahID Authenticator App?
The UtahID Authenticator app is an application available on iOS or Android for a MFA method to provide extra security.
Where can I find instructions on how to register the UtahID Authenticator app?
https://dts.utah.gov/utahid-help/utahid-authenticator
How do I complete the MFA login process when using the UtahID Authenticator app?
After entering your UtahID username and password, you will be presented with the below screen:
At this same time, you will receive a notification on your mobile device from the UtahID Authenticator app. Click on the “Accept” button to continue the login process.
Can the UtahID Authenticator app be installed on multiple mobile devices?
No. A UtahID account can only have a single installation of the UtahID Authenticator app tied to one device.
After entering my UtahID and password, the message on the screen says “Please respond on your mobile device”, but I am not receiving a notification. How do I resolve this?
If a notification is not popping up on your mobile device, try going directly into the app and follow these steps (The below screenshots are from the iPhone app. The Android app may look slightly different):
- In the app under “My Accounts”, you should see a bell icon with a notification indicator. Tap on that row.
- The next screen will again show an indicator showing that you have a notification. Tap again.
- Finally, this last screen will show you the Pending Authentication Request, tap on it, and the next screen will show you the “Accept” and “Reject” buttons.
If the notification displayed in the above screenshots is not being displayed in the app, first close the app on your mobile device. Then back on the login screen, click “Start Over” to re-enter your username and password.
My UtahID is no longer being displayed on the “My Accounts” screen in the app. How can I add it back?
The most common cause of your UtahID no longer being displayed is due to uninstalling and reinstalling the app. To add it back, follow these steps:
- From a laptop or PC, remove Push Authentication. Instructions can be found here: https://dts.utah.gov/utahid-help/utahid-removing-mfa-options#authtwofa
- Once Push Authentication has been removed, you can re-register. This is the only way to return to the screen with the QR Code, which is required to register the app. Instructions can be found here: https://dts.utah.gov/utahid-help/utahid-authenticator
IMPORTANT: When re-registering the UtahID Authenticator app, you will be given a new set of Recovery Codes. Remember to save these Recovery Codes, and replace your old set of codes.
I’m receiving an error message stating that “there are no registered devices found”. How can I fix this?
Typically, restarting your iPhone will resolve this. After a restart, try logging in again and you should receive the MFA notification.
Why is the UtahID Authenticator app also asking for Face ID or Touch ID?
Depending on the model of your iPhone, when initially installing the UtahID Authenticator, you will be asked if you also want to enable Face ID or Touch ID when using the app. If you enable either of these features, then in addition to tapping “Accept”, you will also need to authenticate on your iPhone by either using Face ID (allowing the iPhone camera to recognize your face), or Touch ID (tapping your fingerprint on the Home button) to continue.
Security Keys
What is a security key?
A security key is a physical device that has a unique PIN to sign into an account, adding an extra layer of security. It usually looks like a small USB drive.
Where can I find instructions on how to register my security key?
We have guidance specific to Yubikey, but should be similar to other security keys. Please follow manufacturer guidance where the following walkthrough is different.
https://dts.utah.gov/utahid-help/utahid-yubikey
How do I login using a security key?
After entering your username and password, you’ll see the below prompt. If you haven’t already inserted the security key into a USB port, do so now, then press it to activate. The example is specific to Yubikey; please follow manufacturer guidance where the following walkthrough is different.
How can I remove a security key from my UtahID account?
The user can remove a security key from their own UtahID account.
The instructions are documented here: https://dts.utah.gov/utahid-help/utahid-removing-mfa-options#yubikeytwofa
After inserting the security key, my browser asks me if I want to store the password. Should I?
NO. After inserting the security key, if you are asked to update the stored password in your browser, DO NOT allow the browser to do so. It will actually replace your stored UtahID password. Since this new password does not match your actual UtahID password, you will receive the “Your User Name and/or Password are incorrect.” error message, and continued attempts to use this incorrect password will lock you out.
Authentication General Questions
What if I lost or misplaced my mobile phone or security key and need to login?
When registering the UtahID Authenticator app or security key, you’ll be presented with 10 one-time use recovery codes to be used in this scenario. Save them in a place where you do not need your mobile phone or UtahID in order to access them. Printing a copy is also recommended. These recovery codes can be used to login if your mobile phone or security key are unavailable. Be aware that each code can only be used once. It is very important to have access to your recovery codes, as it will be the easiest method to access your account.
After entering your username and password, you will be presented with the option to “respond on your mobile device” or to sign in “using a security key”:
- Click “Cancel”
- Click on “Try a different way”
- Click on “Recovery Codes”
- Enter one of your Recovery Codes, and then click the “Continue” button
What if I forgot to save my Recovery Codes during initial registration? Can I still retrieve them? Can I generate more?
Yes. Login to id.utah.gov and select “Security”. Scroll down to the “Multi-Factor” section, and follow the instructions listed under “Recovery Codes”.
What if I cannot access my Recovery Codes?
When presented with the option to “respond on your mobile device” or to sign in “using a security key”:
- Click “Cancel”
- Click on “Try a different way”
- Click on “I don’t have any of these”
- The screen will present multiple options.
- From there, the user should access the “Security” section, and re-generate Recovery Codes.
Contact Us
Toll Free: 800-678-3440
Salt Lake Area: 801- 538-3440