Official websites use .mil
Secure .mil websites use HTTPS
800-321-1080 M-F, 8 a.m. to 5 p.m. ET
Two-factor authentication (2FA) has become the standard for many commercial and government organizations in providing the best security for their customers. While login (user) IDs and passwords are still used, this additional layer of security requires customers to obtain a one-time PIN via email or text message in order to enter all or portions of a web-based system. For those employing 2FA security, the one-time PINs remain valid for a specified period of time. If not used within that time, the PIN becomes invalid and another will need to be requested. For most customers this is not a problem. The PIN is received and then entered into the system's logon screen. Others, however, have reported challenges in receiving their one-time PINs within the time limit, or not receiving them at all. A review of the servers supporting the DFAS myPay system reveals one-time PINS are, with very few exceptions, generated and sent within seconds of a request. For the most part, those receiving late PINs or not getting them at all have listed a smartphone or other mobile device as their preferred 2FA method within their myPay profile. According to some experts, delayed text messages can result from a busy network or those who may not recognize the myPay text as a legitimate message. Many have shifted their preference to an email address to alleviate difficulties in receiving their one-time PIN with enough time to complete their myPay logon. For the past several months, myPay has been capable of accepting PINs generated by third-party authenticator apps. These apps do not rely on receiving a request from the myPay system, but instead generate their own which myPay confirms before allowing access to individual accounts. Since its inception, DFAS has received confirmation of authenticator apps' usefulness, especially from retirees living overseas. One such confirmation came from Baguio City in the Philippines. The retiree related that using his preferred app allowed him to access his account quickly and easily from his location thousands of miles away from the U.S. The choice of which authenticator app to use is up to each individual customer. There are reviews of many of the more popular ones available online. These reviews often include the capabilities of individual apps, allowing customers to choose the one best suited for them. Once downloaded and installed in a customer's mobile device, instructions for using the app to access myPay are available on the DFAS website at: https://www.dfas.mil/mypayinfo/2FA/AuthApp/.
Page updated: Dec 9, 2021