What is Two-Step Verification (also known as Two-Factor Authentication or Multi-Factor Authentication) and why are we using it?
Two-Step Verification is the process of allowing access to an application or website after two factors are verified. Two-Step Verification is incorporated into ePASS® to provide an extra layer of security against unauthorized access to healthcare data should your password be compromised. In order to use Two-Step Verification, you will have to choose a second method of verification in addition to password - Okta Verify (Inovalon Recommended), Google Authenticator, SMS Verification or Voice Call Verification. A description of each verification method is below:
- OKTA Verify (Inovalon Recommended): uses an Okta Authenticator App to produce login codes needed when signing into ePASS®.
- Google Authenticator: Google App will produce a login code needed at the time of signing into ePASS®.
- SMS Verification: A SMS (text) message is sent with a code each time your ePASS® account is signing-in.
- Voice Call Verification: An automated phone call will occur each time your account signs into ePASS® and the phone call present a code.
How can I register for Two-Step Verification?
Two-Step Verification will be released this year. A display banner will be shown when you sign into ePASS® and will guide you through setup process or an account update window will automatically pop-up when you sign in. You will have a few months to adopt Two-Step Verification.
What web browsers work with Two-Step Verification?
Two-Step Verification will require users to have recent versions of Chrome (Google), FireFox (Mozilla), or Edge (Microsoft). Safari and Internet Explorer are not supported, may not function properly and are not recommended for accessing ePASS®. Specific versions for supported web browsers are below:
- Google Chrome Version 80 or higher (recommended)
- Mozilla FireFox Version 78 or higher
- Microsoft Edge Version 81 or higher
Is there a new website URL for connecting to ePASS®?
Can a user switch the authentication option after the initial Two-Step Verification setup?
Yes, in order to do so please visit inovalonone.okta.com and follow these steps:
1. After logging in, select your name in the top right section of the web page and click Settings.
2. Select Edit Profile and you will be prompted to change your verification method.
How long before my ePASS® session expires, and do I have to complete Two-Step Verification every time a session expires?
A session will time out after 15 minutes of no activity. At that time the user will have to sign in again, which will include Two-Step Verification.
Is Voice Call Authentication feature available in other languages?
The Voice Call Authentication feature is only available in English. There are three other options available to users if voice call authentication is not ideal for your authentication process:
- Okta Verify (Inovalon Recommended)
- Google Authenticator
- SMS Authentication
Can a landline phone number be used for voice-based authentication?
Yes, a landline phone will work with Voice Call Authentication. A mobile phone is recommended but not required.
Is there phone or email support for any issues?
ePASS® support is available by phone Monday-Friday 8:00 AM – 8:00 PM EST and 10:00 AM – 6:00 PM Weekends & Holidays by calling 877-448-8125 or by email at epassSupport@inovalon.com.