The Department of Defense (DoD) is launching an 18-month transition to replace its legacy DS Logon authentication system in favor of a new platform – dubbed myAuth – which aims to simplify and secure login access across military and veteran networks for about 20 million users.
The transition will impact a wide range of DoD-affiliated individuals – including active-duty personnel, retirees, family members, civilians, contractors and vendors – who rely on access to over 200 DoD and Department of Veterans Affairs websites.
myAuth is based on a commercial identity-as-a-service product, rebranded and hosted in a secure DoD cloud. It has been authorized by the Defense Information Systems Agency and offers more flexible login options than DS Logon, according to Zachary R. Gill, branch chief at the Defense Manpower Data Center.
System availability is a key metric for the rollout, with a target uptime of 99.99 percent. As of mid-July, more than 740,000 users had created accounts, with a self-service success rate above 99 percent.
One of myAuth’s major advantages is providing access for users who do not possess a common access card (CAC), such as retirees or beneficiaries. It also serves CAC holders who may not have access to CAC-enabled devices while traveling or working remotely.
The platform incorporates Okta Verify, a mobile app that enables secure access with biometric features such as facial or fingerprint recognition. While CAC remains the highest level of authentication (assurance level three), myAuth can scale access requirements depending on the system’s security needs.
“In our community, we serve a lot of members that may not have access to smartphones and may not have access to technology,” Gill said, noting that not all users have smartphones or require high-level authentication.
In addition to DS Logon, myAuth will consolidate other authentication systems currently maintained by separate departments, reducing licensing and sustainment costs.
“There are multiple authentication systems across the department that each department is paying for individually, which means each department is paying for sustainment costs or licensing costs,” Gill said. “myAuth will collapse those one-off systems, providing an enterprise solution.”
The Defense Manpower Data Center is conducting a broad communications campaign, including email notifications and coordination with the Defense Health Agency, to inform affected users.
Users can already register with myAuth using their DS Logon credentials. Those who wait until DS Logon is decommissioned may need to reverify their identity. A help section on the myAuth website offers step-by-step guidance for login, account creation, and troubleshooting.