Multifactor Authentication Frequently Asked Questions
What’s Changing | Actions to Take | Getting Ready for MFA | Additional Help
Introduction
1. What is multifactor authentication (MFA)?
MFA is a security method that requires the use of two or more authentication factors to verify a user’s identity. MFA provides greater assurance that users are who they say they are and helps keep information and systems safe, even if one set of credentials (such as a username and password) has been compromised. Many institutions, such as banks and other insurance companies, are also implementing this additional layer of security.
Learn more about how MFA can help protect against cyber threats here.
2. How does MFA work?
To verify a user’s identity prior to granting access, MFA uses authentication factors. For example, when a user logs in to an organization’s network, the first authentication factor may be the user’s standard username and password. The second factor may include a one-time passcode sent to the user’s smartphone.
What’s Changing
3. What is changing?
The process for logging in at Travelers will now require MFA. This means that when an agent or broker partner logs in with their username and password, they will also be required to verify their identity through one of four methods of verification: Google Authenticator mobile application, SMS text, voice call or email.
4. Why is Travelers implementing MFA?
Cybercrime is a growing threat, and organizations need to take precautions to secure their information and systems. Passwords are not always enough to prevent fraudulent sign-in attempts and breaches. MFA can help stop cyberattacks in their tracks, blocking 99.9% of account-compromising attacks.
5. To whom does this new process apply?
Our agent and broker partners accessing Travelers’ systems in the United States and Canada will experience MFA upon logging in.
6. When does MFA go into effect?
Travelers will roll out MFA in waves, starting with a pilot group in March 2022. Communications and information will be provided in advance. When logging in, each affected user will be guided to provide a unique passcode in addition to their username and password.
7. Will I have to reauthenticate?
Once MFA is implemented, a user will need to reauthenticate every 30 days. Users will also be prompted to reauthenticate if they clear their cache, cookies, or use a different device or internet browser.
8. Will MFA impact Comparative Raters, Agency Management Systems or other tools that connect with Travelers’ systems?
We will be handling protocols for these systems separately. If you have a question, please contact your Travelers representative.
Actions to Take Now
9. If our company shares IDs, what do I need to do?
Each individual user needs their own unique username and password. Sharing login credentials with others is a security risk and cannot be done with MFA. If you don’t already have an individual login, set one up as soon as possible and confer with your colleagues to avoid any disruption in transacting business with Travelers. Test new user IDs and enroll in MFA prior to quoting business.
10. How do I set up a new login?
First check with your Agency User Administrator (AUA) or company's account administrator. If your office does not have account support, contact us by calling the appropriate Help Desk:
If you support Business Insurance (includes Bond & Specialty), contact the Help Desk at 800.842.2522 (Monday-Friday, 8 a.m. to 8 p.m. ET) and select Option 1.
If you support Personal Insurance, contact the Help Desk at 800.243.1334 (Monday-Friday, 8 a.m. to 8 p.m. ET) and select Option 6, then Option 1.
If you are an RMIS agent, contact the Help Desk at 860.277.5800 (Monday-Friday, 8 a.m. to 5 p.m. ET) and select Option 4.
If you are in Canada, contact Customer Service at 800.268.4543 (Monday-Friday, 7:30 a.m. to 7 p.m. ET) and select Option 1.
11. I already have a username and password; how should I prepare?
Every user will need to provide a phone number or email address at login when setting up MFA for the first time. Go to your Travelers user profile and be sure that your email address and phone number are correct.
If you have any questions when setting up your account or confirming your profile information, please follow the instructions below:
If you support Business Insurance (includes Bond & Specialty), contact the Help Desk at 800.842.2522 (Monday-Friday, 8 a.m. to 8 p.m. ET) and select Option 1.
If you support Personal Insurance, contact the Help Desk at 800.243.1334 (Monday-Friday, 8 a.m. to 8 p.m. ET) and select Option 6, then Option 1.
If you are an RMIS agent, contact the Help Desk at 860.277.5800 (Monday-Friday, 8 a.m. to 5 p.m. ET) and select Option 4.
If you are in Canada, contact Customer Service at 800.268.4543 (Monday-Friday, 7:30 a.m. to 7 p.m. ET) and select Option 1.
Getting Ready for MFA
12. If I have my own unique ID, what do I need to do next?
Log in to Travelers using your username and password. When prompted, register the MFA options you prefer. It is recommended to have more than one registered option, and you can select up to four: Google Authenticator, SMS text, voice call or email.
If you choose to authenticate via smartphone, download Google Authenticator from the App Store (Apple) or Google Play Store (Android) and follow the setup instructions. Once the app is downloaded, you will be required to use your smartphone to sync with Travelers using a unique QR code (specific to Travelers) provided to you as a last step to set up your MFA. Google Authenticator will continue to provide separate codes for other MFA applications that you may require. Learn more about how Google Authenticator works.
If you choose to authenticate via SMS text, voice call or email authentication, you will be asked to enter a phone number or email address to receive a one-time passcode. You will be asked to enter the passcode provided by SMS text, voice call or email as a last step to set up your MFA.
13. How will I know that I registered my ID?
You will receive an email indicating that there has been action on your account. It is important that your email address is current in your profile to ensure actions being taken on your behalf are valid.
14. Which MFA option does Travelers recommend?
Travelers recommends using the Google Authenticator app as your primary authentication option but suggests registering for SMS text, voice call and email as well. Google Authenticator can be downloaded for free from the App Store (Apple) or Google Play Store (Android).
15. If I register my options, can I reset my MFA preferences in the future?
Once you’ve registered, you’ll need to call the Help Desk if you need to reset your preferences. That’s why we recommend registering for all four options: Google Authenticator, SMS text, voice call and email.
16. Can I use a different authenticating application for MFA other than Google Authenticator?
No. At this time, Google Authenticator is the only supported mobile authentication application.
17. Will I need to authenticate more than once if I use multiple Travelers applications?
There is no need to reauthenticate if you are accessing other applications that use the same MFA method and are using the same device and browser. Once you have authenticated, you can access all your applications.
18. Can I use any internet browser when accessing Travelers’ systems?
MFA will work with most browsers; however, Internet Explorer 11 is being phased out and should not be used.
19. Will the MFA process change when my password expires?
No. The MFA method will not change if your password expires or is reset.
20. Will the current application timeout process be different?
The application timeout will stay the same; however, when you log back in, you will need to reauthenticate the login using the MFA.
21. Does this affect how our company’s systems connect to the Travelers’ systems and information?
No. The only change is how you access the Travelers’ systems, not how information is shared between the systems.
Additional Help
22. How will I log in if my smartphone isn’t working or unavailable?
You will need to use an MFA to verify your login every 30 days when using the same device. If you are unable to authenticate with a mobile phone, we recommend registering your office phone number. If you need to reset or add an MFA method, contact the appropriate Help Desk.
23. Who can I contact for help?
If you support Business Insurance (includes Bond & Specialty), contact the Help Desk at 800.842.2522 (Monday-Friday, 8 a.m. to 8 p.m. ET) and select Option 1.
If you support Personal Insurance, contact the Help Desk at 800.243.1334 (Monday-Friday, 8 a.m. to 8 p.m. ET) and select Option 6, then Option 1.
If you are an RMIS agent, contact the Help Desk at 860.277.5800 (Monday-Friday, 8 a.m. to 5 p.m. ET) and select Option 4.
If you are in Canada, contact Customer Service at 800.268.4543 (Monday-Friday, 7:30 a.m. to 7 p.m. ET) and select Option 1.
Multifactor Authentication for Travelers Agents and Brokers
Travelers is implementing multifactor authentication (MFA) with our agent and broker partners to help protect our company, our customers and each other from cybercrime.
