Secure Multi-Factor Authentication Website Login Process

What is multi-factor authentication (MFA)?
MFA is a common cybersecurity approach utilized by financial service organizations to confirm a user’s identity with more than just a password. Increasingly, regulators are requiring extra security of customer data with this method. Examples of authentication methods that you likely currently use include entering your zip code at a gas pump or entering your PIN at an ATM.

Why is MFA being implemented?
We are implementing MFA as a necessary adaptation to the current cyber threat environment and regulatory changes issued by the New York Department of Financial Services and included in the National Association of Insurance Commissioners’ model law. We are making these changes to comply with the law, and to protect our insureds’ data and our information systems’ integrity.

Is MFA required?
Yes, beginning March 1, 2018.

How do I establish MFA?
The first factor will remain your password. To establish the second factor, you will select one of these options to verify your account with an access code:

  • Text message: Enter your mobile phone number and receive a text with a unique seven-digit access code to enter into the sign-in screen.
  • Automated voice call: Enter your phone number and answer an automated voice call. Listen for your unique seven-digit access code and enter it into the sign-in screen. Note: This option allows you to use your mobile or office phone number.

This additional “factor” provides an increased level of security. Instructions will then prompt you on the sign-in screen of the website.

How often will I have to complete MFA?
You will have to complete MFA each time you sign in to your account on a new device or use a new web browser unless you check the box labelled “Remember this device for 30 days” during sign-in. By checking the box, you’ll be able to defer MFA re-authentication for 30 days on future visits. If you do not check the box, you will need to provide your password and work through your chosen MFA option every time. For users who check “Remember this device for 30 days,” we will periodically require MFA re-authentication to safeguard the integrity of our information systems and help protect your online security.

Who do I contact if I need help?
If you have questions, contact your account manager at (800) 423-1504 during regular business hours.