385 Interlocken Crescent, Suite 1100
Broomfield, CO 80021
Two-step verification is a security process that requires users to provide two (or more) different types of information to verify their identity when accessing an account or system. Instead of just entering a password, two-step verification adds an extra layer of protection by asking for something you have (like a smartphone or a security token) or something you are (like a fingerprint). This way, even if someone steals your password, they will still need the additional information to access your account, making it much harder for unauthorized users to gain access. Two-step verification helps keep your personal and sensitive information safer online.
In the “User Preferences” section of ICAT Online, accessed via the person icon in the top right, a new tab has been added titled “Two-Step Verification.” On that page, select “Get Started” or “Add Another Method” and choose the method you will use for this process. The screens will guide you through connecting that method or device. The next time you log in, two-step verification will be enabled, and you will be required to enter the verification code sent to your chosen authentication method.
The “Don’t require verification on this browser” option only works until browser cookies have been deleted. Many companies automatically apply a setting to browsers that forces the removal of browser cookies every time the browser is closed. Check with your local IT department to see if your company applies this setting.
A browser cookie is a small piece of data that websites store on your computer when you visit them. It helps the website remember things about you, like your login information or preferences, making your browsing experience smoother. Not to be confused with a regular cookie which is a small, sweet cake, typically round, flat, and having a crisp or chewy texture. All this talk about cookies is making me hungry!
To disable the two-step verification, please remove all enabled devices or methods by going to the “User Preferences” section in ICAT Online. Please note, this setting will eventually be mandatory to continue to log into ICAT Online.
If you lose access to your Two-Step Verification device or method, after entering your normal username and password, the Two-Step Verification screen that appears will provide a link for “Lost access to your authentication device/method?” If you click that link, the screens that follow will guide you through regaining access by having a recovery code emailed to you or using a second method/device if you have enabled multiple methods/devices.
If you need to update or change your phone number(s) associated with two-step verification, you will need to log in and navigate to the “User Preferences” section of ICAT Online and select the Two-Step Verification tab. Once there, click the edit (pencil) icon next to the method you need to change. This will allow you to delete the existing phone number and add the new one by directing you back through the set-up process. Only one phone number is allowed per method and only US phone numbers without extensions are accepted.
If you have received more than five separate phone calls in the last 24 hours with a verification
code, you should receive a message that you have exhausted the number of phone calls allowed. You
will need to re-enter your email and password and upon receiving the Verify Your Identity prompt,
click the link “Lost access to your authentication device/method?”. Then, choose another method to
log in with.
Helpful Hint: If you are using Phone Call as your verification method and you are
accessing from a trusted/non-public device, it is recommended that you select the box next to the
“Don’t require verification code on this browser for 90 days or until cookies are deleted”. This
will help reduce the chances of meeting that limitation.