What is Two-Step Verification (also known as Two-Factor Authentication or Multi-Factor Authentication) and why are we using it?
Two-Step Verification is the process of allowing access to an application or website after two factors are verified. Two-Step Verification is incorporated into ePASS® to provide an extra layer of security against unauthorized access to healthcare data should your password be compromised. In order to use Two-Step Verification, you will have to choose a second method of verification in addition to password - Okta Verify, Google Authenticator, SMS Verification or Voice Call Verification. A description of each verification method is below:
- OKTA Verify: uses an Okta Authenticator App to produce login codes needed when signing into ePASS®.
- Google Authenticator: Google App will produce a login code needed at the time of signing into ePASS®.
- SMS Verification: A SMS (text) message is sent with a code each time your ePASS® account is signing-in.
- Voice Call Verification: An automated phone call will occur each time your account signs into ePASS® and the phone call present a code.
How can I register for Two-Step Verification?
Two-Step Verification will be released this year. A display banner will be shown when you sign into ePASS® and will guide you through setup process or an account update window will automatically pop-up when you sign in. You will have a few months to adopt Two-Step Verification. More information about registering for Two-Step Verification can be found by clicking the link here.
What web browsers work with Two-Step Verification?
Two-Step Verification will require users to have recent versions of Chrome (Google), FireFox (Mozilla), or Edge (Microsoft). Safari and Internet Explorer are not supported, may not function properly and are not recommended for accessing ePASS®. Specific versions for supported web browsers are below:
- Google Chrome Version 80 or higher (recommended)
- Mozilla FireFox Version 78 or higher
- Microsoft Edge Version 81 or higher
Is there a new website URL for connecting to ePASS®?
Yes, connect to ePASS® using https://epass.inovalonone.com/ Please note users using the existing URL https://epass.inovalon.com/ will be redirected to https://epass.inovalonone.com/. If you receive an error, please check with your network administrator to ensure the following URLs are whitelisted (not blocked or restricted):
I currently have an INDICES® account that uses Two-Step Verification, can I have one single account for both ePASS® and INDICES® applications?
Users with an ePASS® account can be linked to their existing INDICES® account. To link your accounts this, please email firstname.lastname@example.org and include your first name, last name, email address (INDICES® account) and ePASS® Username. Inovalon can merge your INDICES® and ePASS® accounts so that you can continue to use your existing INDICES® login credentials to sign-in. Once setup you will be directed to complete one-time Two-Step Verification upon visiting the ePASS® application.
Can health plans help in the migration process to Two-Step Verification?
Health plans can contact their Inovalon Client Services Manager (CSM) to discuss a communication strategy for their providers and users. Additionally, health plans should ensure the following web addresses are accessible from their network:
Can a user switch the authentication option after the initial Two-Step Verification setup?
Yes, in order to do so please visit inovalonone.okta.com and follow these steps:
1. After logging in, select your name in the top right section of the web page and click Settings.
2. Select Edit Profile and you will be prompted to change your verification method.
How long before my ePASS® session expires, and do I have to complete Two-Step Verification every time a session expires?
A session will time out after 15 minutes of no activity. At that time the user will have to sign in again, which will include Two-Step Verification.
Is Voice Call Authentication feature available in other languages?
The Voice Call Authentication feature is only available in English. There are three other options available to users if voice call authentication is not ideal for your authentication process:
- Okta Verify
- Google Authenticator
- SMS Authentication
Can a landline phone number be used for voice-based authentication?
Yes, a landline phone will work with Voice Call Authentication. A mobile phone is recommended but not required.
Is there phone or email support for any issues?
ePASS® support is available by phone Monday-Friday 8:00 AM – 8:00 PM EST and 10:00 AM – 6:00 PM Weekends & Holidays by calling 877-448-8125 or by email at epassSupport@inovalon.com.