Division of Information Systems

Main Content

General Entrust FAQ


What is Entrust?

Entrust IdentityGuard is a multifactor authentication system used by UMMC to secure the authentication process and confirm your identity when logging into Webmail. Entrust is similar to systems many banks use to secure the log-in process to online banking websites. Most banks require you to provide a username, password and a security code or answers to security questions during the log-in process.

Why do I have to register? Is it required?

Yes, in order to access Webmail inside or outside of UMMC, users will be required to register with Entrust IdentityGuard. This is to better protect UMMC's data and provide a secure environment for our users.

What if I do not have a mobile device?

For users that do not have a phone compatible with Entrust's mobile app, users must provide answers to three (3) security questions to complete the log-in process. These security questions and answers are chosen by the user during the Entrust enrollment process.

How many devices can I activate the entrust soft token?

You can have up to three (3) devices with the Entrust soft token.

What is a "soft token?"

A soft token is what generates the security code and/or allows you to verify from your mobile device that you are logging into your account.

For example, when you log into Webmail from your laptop from an off-campus location (i.e., a coffee shop down the street), you will receive an alert from Entrust on your laptop asking you to respond. When this happens, you will go to your mobile device and select the Entrust app. The soft token within the app is what prompts you to verify your log-in attempt or provides you with a security code that you will enter to confirm that you are, in fact, logging in. Once you successfully complete this step, the token will allow you to access to your account.

You can find step-by-step instructions (with screenshots of what you will see) on our tip sheet titled "Logging into Entrust Authorization: Webmail."


Where do I find the instructions to download the Entrust 2-factor authentication?

You can find step-by-step instructions on one of our tip sheets listed below, according to the device you will be using:

There are many additional tip sheets available (with step-by-step instructions) located on the UMMC Entrust webpage as well.

Which Entrust app do I download?

Users should download the Entrust IdentityGuard Mobile App (see logo below) free of charge from their device's app store. Do not download the Entrust IdentityGuard Mobile Smart Credential App; this app is not compatible with our system.

Do I need to download Entrust on my computer or other device?

You only need to download Entrust on a mobile device. All smart phones and tablets that you use to access your information should have Entrust. Desktop and laptop computers, as well as any other non-mobile device, will not require the Entrust app.

Entrust Logo 2


Using Entrust to access UMMC Webmail

What do I do after I register to access my UMMC Webmail?

Once a user enrolls in Entrust, logging into Webmail from inside UMMC will not change. When logging into Webmail from outside of UMMC, the user will be prompted for a second-factor of authentication. This will require the user to do one of two options:

  • To "complete a transaction" using the Entrust Mobile App


  • Enter a "security code" generated by the Entrust Mobile App

View step-by-step instructions on our Entrust tip sheet titled, "Logging Into Entrust Authorization Webmail Procedure."

Why is it only asking me to authenticate when I open my email?

At this time, only Webmail requires authentication by Entrust. In the near future, Citrix and VPN access will also be protected with Entrust.

Why does Entrust ask me to authenticate sometimes and not all the time?

Within the Entrust system, we have risk-based analysis (RBA) configured, which allows the Entrust system to detect if a user is logging into Webmail from inside or outside UMMC's network. When inside UMMC, Entrust will not require a user to enter a second factor of authentication. When outside the UMMC network, however, users will be required to enter a second-factor of authentication to complete the log-in process.