To protect your USM Central account, enable multi-factor authentication (MFA)A method of access control in which a user is granted access only after successfully presenting several separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge, possession, and inherence.. MFA adds extra security because it requires multiple factors to authenticate a user, making it more difficult for an unauthorized person to gain access to the account. In USM Central, MFA provides a layered defense of two independent credentials: what you know (your user account name and password) and what you have (security token on your personal device).
To use MFA in USM Central, you must have a mobile device that supports an Authenticator app. AT&T Cybersecurity recommends the Google Authenticator app, which is available for iOS and Android devices. Google Authenticator implements two-step verification services using the Time-based One-Time Password (TOTP) algorithm and HMAC-based One-time Password Algorithm (HOTP) for authentication.
Before you set up MFA for your account, you must install the Authenticator app on your device.
To configure MFA for your account
- At the bottom of the expanded pane of the USM Central web user interface (UI), hover over the icon and select Profile.
Click Enable Multi-Factor Authentication.
The pane expands to provide a unique QR code that is used by the Authenticator app to retrieve a verification code. The code is emailed to you as well.
- Open the Authenticator app on your device.
- Scan the QR code using the Authenticator app.
- Click Save.
- Hover over the icon and select Logout.
- Click Login.
- On the login page, enter your user account and password, and click Login.
- Enter the one-time passcode in the text box of USM Central, and then click Login.
If you lose or change your mobile device or need to have your MFA reset, please contact AT&T Cybersecurity Technical Support.