2-Factor Authentication made mandatory for govt emails

The National Informatics Centre (NIC), which provides government email service has brought out additional security measures for the emails. The move comes after repeated incidents of government officers’ official email passwords being compromised due to negligence in basic security practices.  

All users availing the email services from NIC need to use 2FA to access their account. 2FA or the 2-Factor Authentication is a method that requires additional authentication instead of the password alone. It is similar to the OTP by SMS in addition to the regular passwords as using in baning sites. So even if the password is breached, the access to the account cannot be gained. 

For the email provided by the NIC, users have to install the Kavach app in their mobile or computers. During the installation, the credentials will be verified via the SMS sent to the registered mobile number for the user. While installing the necessary permission for allowing the notification on the device needs to be granted. On login to the email in the browser, a notification will be sent to the device from the Kavach app asking to “Accept”’ or ” Deny”. One accepted, the login process will be completed and email service can be accessed. Alternately, a frequently changing OTP, obtained from the Kavach app can be suffixed with the password in the email login screen for logging in. 

The Kavach app can be obtained from the following links

• For Desktop - https://kavach.mail.gov.in/
• For Android - https://play.google.com/store/apps/details?id=com.gov.in
• For iPhone/iPad - https://apps.apple.com/in/app/kavach-authentication/id1227301621

Instructions for using the App

1. Log in with your username /password and press enter
2. You will get a notification from the Kavach app asking you to “Accept”’ / ” Deny”.
3. Pls “Accept” immediately. Any delay will result in “timeout”
4. Please note that you need to be in a strong network signal zone for the notification. If for any reason you are in a weak signal zone, then you may not get the notification immediately. Please use the following two option in such a scenario:
   1. Use the “PULL” option to get the notification OR
   2. Use the OTP and suffix it with your password and then press “enter. OTP is the number that you see on the main screen of your Kavach App as shown below.
5. You can also apply the country policy using the Kavach app
6. IMAP as a service can also be enabled/disabled using the app
7. As informed user, it is recommended to check your logs for access activity
8. You are advised to please go through all the options available on the app for using it effectively For any issues send a mail to mailServices@nic.in.