(A) When authenticating using 2FA all users must use the generated OTPs from their approved hardware token (dongle) or via approval through the Duo Mobile application in addition to their login credential.
(B) Only approved and registered hardware tokens (dongles) or the Duo Mobile application may be used for OTP generation.
(C) Lost, stolen or damaged devices must be reported immediately to the direct supervisor or County Administrator.
(D) Devices must be properly secured, not shared.
(E) Users are expected not to leave their OTP devices unattended in public places.
(F) Users should not mark their hardware dongle with any identifying information such as name, password, or any reference to DeWitt County systems.
(G) Computers will automatically lock the screen after five minutes of inactivity. This step is essential to enhance the security of our systems and protect sensitive information. This setting should never be changed by any employee.
(Res. 23-16, passed 12-21-2023)