Search this website
What is Multi-Factor Authentication (MFA)?
Normally you use your email address and password to log into your NHSmail account. Multi-factor authentication (MFA) is an additional way of checking that it is really you when you log in to your account.
In addition to your email address and password, you will need to set up a second form of authentication, such as an authentication app on your mobile phone, text message or phone call. This second layer of security is designed to prevent anyone but you from accessing your account, even if they know your password.
Why is MFA important?
Cyberattacks on electronic health records and other systems pose a risk to residents privacy because hackers access sensitive information potentially causing harm to residents safety and care delivery. Hackers can have ransomware viruses to hold medical records or devices hostage, risking your access to vital tools and information.
The national roll out of Multi-Factor Authentication began on 19th August 2024 for users who have not yet enabled MFA.
The enablement begins with a two-week MFA Registration Campaign from 19th August 2024 to 2nd September 2024, where affected users will receive a pop-up countdown notification asking them to register an authentication method whenever they login to their nhs.net account.
Users can choose to self-enrol for MFA or snooze this notification so they can log in to their account allowing them to work. However, please note that the countdown notification will end after a period of 14 calendar days. From 2nd September 2024, they will need to complete further steps to access their account.
How will the access change?
From 2nd September 2024, existing users who have not taken any action will be moved into a specific group that has a stronger sign in policy, changing their login experience requiring:
If you require any support in setting up MFA please contact us nwicb.digitalsocialcare@nhs.net