What is the difference between UtahID and Single Sign-on (SSO)?
- UtahID is the State of Utah’s identity provider and the standard method of authentication.
- Single Sign-on is a system that allows a user to access multiple independent services (i.e., applications) from a secure single login session.
How do I reset my UtahID password?
If you know your current UtahID password and you want to reset it, you can simply log in to UtahID, go to Change Password in the Security tab, confirm your current password, and type in a new password.
If you’ve forgotten your password, first go to the UtahID login page and select Forgot Password. You’ll be asked to type in your username/email and your last name. You can receive a one-time passcode (OTP) in a few ways, depending on the contact information you set up in your profile:
- via an email to the primary or backup email address in your profile, or
- via a text to the primary or backup phone number in your profile.
If email and mobile are blank, an email will be sent to your supervisor.
When my UtahID account is locked after three failed password tries, how long is the account locked?
If you are locked out of your UtahID account, the first lockout is ten minutes, the second lockout is thirty minutes, and the third lockout is ninety minutes.
What are the password requirements?
- The minimum number of characters is eight.
- Your password must include at least one character from at least three of the four following character sets: uppercase letters, lowercase letters, numbers, and special characters.
Will the DTS Help Desk be able to reset my password for me?
No; to maintain the security of your identity and credentials, the DTS Help Desk is not able to reset passwords. Using self service, please follow the forgot password process.
Will I be required to change my password on a set schedule?
- Employees are required to change their password every ninety days.
- Employees with access to FTI data are required to change their password every sixty days.
Employees will be reminded to update their passwords on their mobile devices and UWDN after a password change.
Two-Factor, or Multifactor, Authentication
What does two-factor, or multifactor, authentication mean?
Two-factor, or multifactor, authentication is using two or more different factors to achieve authentication. Factors include:
- something you know (e.g., a password or a PIN),
- something you have (e.g., a cryptographic identification device, a hard or soft token), or
- something you are (e.g., biometric identifiers like your fingerprint or voice).
Source(s): NIST SP 800-53 Rev. 4 under Multifactor Authentication. See Authenticator.
What options for two-factor authentication are approved for employee use?
As an employee, you can use RSA (i.e., fob or soft token) for two-factor authentication. Currently this is agency specific for which token and who is required to use it. Other options are coming soon.
Will all employees be required to use two-factor authentication?
Not at this time. In the future it will be a requirement for all employees.
Will two-factor authentication be required to log in to Gmail for all employees?
Users who have been assigned an RSA token will be required to use two-factor authentication to log in. In the future two-factor authentication will be a requirement for all employees.
When receiving SMS/text messages regarding my UtahID account, do carrier charges apply?
It depends on your cell phone carrier. Contact your provider for more information on this.
When I use the Sign Out option in my account settings in the Utah.gov header, what happens?
The user is logged out of UtahID. However, an application developer may customize the header to log a user out of their individual systems rather than all of UtahID.
If I update my home address in UtahID, will it change it anywhere else?
Updating your home address in UtahID will not change your address anywhere else at this time.