Keystone uses two factor authentication (2FA) to add an additional layer of security to our email system. In order to gain access to your emails you will need both a password and an authenticator app or PIN as a second factor of authentication. This is standard on all devices that have access to our data, but the strength of the security rests on you only approving a proper authentication request.
For security, after 60 days, our systems will log you out and you will need to reauthenticate to regain access. At no other time though should you approve an authentication request. Authentication requests can also be generated by a hacker trying to access our systems. 2FA will stop them and you will receive an authentication request. You must not approve it. If you approve an unauthorised authentication request, you are allowing a hacker into our systems. This is a breach of our IT Usage Policy, the SRA Code of Conduct and your agreements with us.
A proper authentication request will be sent when any device (laptop, tablet, phone etc.) no longer has permission to access our systems. It will display a clear error message to you and prompt you to reauthenticate. You will not have access to your emails from that device until you reauthenticate. If in any doubt, do not reauthenticate, just carry on working. If you cannot send and receive emails, then your device will ask you again to reauthenticate before your eyes. Once you see this, you know you are ok to approve the authentication request on your phone. If, when you carry on working, you still have access on all your devices to your emails, that is a sign that a third party is attacking our systems. You must report that immediately to the IT Team.