Scissortail Multi-factor Authentication Sept. 2023 Release

Scissortail (powered by UKG)  is enhancing sign-in security to protect your data. Password requirements are designed to protect against cybercriminals obtaining user’s credentials much harder to obtain. MFA is going to impact users based on their information security access. 

System Administrators are going to be required to authenticate every 24 hours. I strongly suggest using an authenticator app. Both the free Google Authenticator and Microsoft Authenticator apps are excellent tools to replace text message verification. 

These apps are simple to use and offer heightened security for your accounts. No longer waiting for text, email, or voice call, the authenticator apps save time logging in. 

Helping to Prepare for Change: Here are the Password and MFA requirements)

Minimum Requirements for Strong Passwords for everyone

• Minimum Length – 15 characters
• Maximum Length – 64 characters
• First login – within 30 days
• Complexity – (At least one uppercase letter, one lowercase letter, one number, special character) 
• Maximum of 4 repeating characters 
• Maximum Password Age – 180 days 
• Minimum Password Age – 1 day
• Ability to change password – Once per day
• Account Lockout – After 5 consecutive unsuccessful attempts (Upon lockout from attempts will reset in 30 minutes and the “Forgot Password” feature can be used)

Inactivity Lockout – account status will become inactive after 180 days of inactivity. User accounts will need to use the “Forgot Password” feature or contact the HR Administrator.

• Password History – Can reuse passwords after 24 unique passwords
• Storing a Password – Disabled

‍

MFA Options 

(changing devices like laptop, tablet, or phone will require re-authentication)

• High Security – text, email, voice, or authenticator app (Reauthenticate every 24 hours or change device)
• Medium Security – text, voice, email, or authenticator apps (Reauthenticate every 7 days or change device)
• Low Security – text, voice, email, or authenticator app (Reauthenticate every 7 days or change device)

‍

In conclusion, ensuring a secure experience is vital in today's digital world. By staying informed with the latest UKG update and following the recommended security measures, such as longer passwords and the use of password managers, users can protect their email address and personal information from potential threats. Implementing measures like MFA options and regular re-authentication helps prevent unauthorized access and reduces brute force attack risks. 

It is important to understand the importance of cybersecurity and the significance of taking necessary steps to prevent a security breach. Remember, stronger passwords, combined with the use of password managers and regular password changes, can significantly enhance security. Stay vigilant and ensure your accounts are protected by regularly updating passwords and staying informed about the latest security protocols. By following these practices and increasing awareness about cybersecurity, we can collectively contribute to a safer digital landscape. When questions arise, please contact us!

‍