Army's Multi-Factor Authentication

Friday, April 16, 2021

What is it?

The U.S. Army has implemented a Department of Defense-approved alternative Multi-Factor Authentication (MFA) solution. This solution augments existing username and password logins by adding a second factor for authentication.

Alternative MFA will support Soldiers without government-furnished equipment. This will also allow eligible mission partners, such as Guard, Reservist, First Responders, Academia, non-contract cadets and other authorized users, a secure way to access official online resources without a common access card (CAC).

This capability is available for all applications using the Enterprise Access Management Service Army (EAMS-A) platform. The solution provides two options: (1) A Fast Identity Online (FIDO) certified cryptographic USB hardware token that can be purchased through online retailers or (2) The Army MobileConnect application that is available free for download via Google Play and the Apple iOS App Store.

Registration of preferred MFA device(s) is available at the Identity Management Portal under “My Account.”

What are the current and past efforts of the Army?

The Army successfully:

  • Conducted proof-of-concept testing for the Yubikey device at the end of 2019. A select group of Soldiers successfully registered a Yubikey and used it to access websites behind EAMS-A.
  • Evaluated two different mobile applications. The users entered username and password through EAMS-A and were prompted by the mobile app on their phone to approve or reject the login.
  • Established a production contract for the Army MobileConnect app, post the pilot. This will reach full operational capability at the end of May 2021.

What continued efforts does the Army have planned?

The Army will continue to:

  • Evaluate IT security needs of warfighters and fielding capabilities to grant authorized access at the point of need based on continuous assessment of the evolving cybersecurity landscape.
  • Standardize authentication and authorization capabilities to drive out anonymity.
  • Standardize access controls, and support data-driven access models by enforcing stringent controls for privileged, shared, and group accounts associated with sensitive resources.

Why is this important to the Army?

Army’s Multi-Factor Authentication solution is designed to shrink the Army’s cyber-attack surface by reducing the six million single-factor username and password logins per year within the Army. Single factor authentication accounts for the majority of security breaches across the internet and presents a key vulnerability to national security. In addition, MFA provides an added level of security to defend against many other online threats such as phishing, man-in-the-middle, credential stuffing, and replay attacks.

Resources:

Related document:

Related STAND-TO!:

Subscribe to STAND-TO! to learn about the U.S. Army initiatives.

Events

April 2021

Sexual Assault Prevention & Awareness Month | Visit Army Resilience Directorte

Month of the Military Child | Visit Army Quality of Life

Day of Remembrance for Victims of the Holocaust

April 19: Best Ranger Competition | Visit U.S. Army Rangers

April 18-24: Army Volunteer Recognition Week | Visit Army Volunteer Corps

April 22: Earth Day | Visit U.S. Army Environmental Command

April 23: U.S. Army Reserve Birthday | Visit U.S. Army Reserve

May 2021

National Asian Pacific Heritage Month May 7: Military Spouse Appreciation Day | Visit U.S. Army Quality of Life May 9: Mother’s Day

May 10 - June 14: Army National Hiring Days May 15: Armed Forces Day

May 31: Memorial Day

Focus Quote for the Day

Cybersecurity is a 24/7, all year long effort that is everyone’s responsibility. Whether at home, in the office or out in the field, our diligence is imperative to our people and our mission.

— Gen. Mark A. Milley, Chairman of the Joint Chiefs of Staff and 39th Chief of Staff of the Army

Army Cybersecurity Awareness Campaign