Delaware Department of
Technology & Information

Delaware Department of Technology & Information – Employee Self Service’s New Home

It’s ‘2-Step’ easy to get your new Employee Self Service access!

Accessing Employee Self Service requires completing TWO STEPS:

Step 1: NEW and Existing employees who have not established my.delaware identities to reach Employee Self Service should first contact your Human Resource representative to assure the personal email you plan to use for is in your PHRST Personal Information as your Home and Okta-My.Delaware. People who already have a my.delaware identity can provide HR with the personal email associated with their existing identity so it can be added as Okta-MyDelaware email in their personal information.

Step 2: Signing up with your same Home Email at (instructions in this PDF provide details to complete Step 2)

Frequently Asked Questions

How will I access Employee Self Service if I don’t have a computer/Internet/email/smartphone of my own at home?
An employee can and should use work equipment and Internet access to:

1) Create a free email account.
2) Contact your HR representative to have them enter that Home email in your PHRST employee record’s personal information.
3) Create your identity using that home email.

All of this can be accomplished at work, using a state computer, state telephone equipment, and state Internet access. You can always use a state computer to access


I already have and use a identity. Can I input the same home email address as my Home Email in Employee Self Service?
Yes, please do! An employee should provide Human Resources with the same home email address that was used to create the existing identity to prevent the unnecessary duplication of access for the same person.


FAQ Sections

How do I get a home email address if I don’t have my own?
Free email account providers where anyone can create an email account to use as a “home email address” for State of Delaware purposes include:

It is fine to use a work computer to fulfill the migration requirements (to create and access your free email account and to register for a identity).


So how do I create my own gmail account?
Just go straight to Google and go through their process. It’s simple and only takes about 3-5 minutes.

If that looks overwhelming (it’s not hard), here’s a step-by-step set of instructions on how to set up your google account (which gives you email).


I don’t want to share my personal home email address with my employer: what should I do?
Anyone who does not want to use their personal primary home email address may create and provide an email account with a free provider to use just for State of Delaware Employee Self Service “Home email” purposes. You must be able to access this email account to receive the registration invitation and to register for a identity. You can obtain a free email account from any provider, including those listed above, and you may use a work computer to create the account and register on

State employees who want electronic access to participate in Open Enrollment for State of Delaware employee benefits or the State Employee Charitable Campaign, for example, will need to have a identity to access these applications online.


My family uses a single email address for all of us. Can I use this as my home email address?
No. An employee’s “home email address” needs to be unique to each employee, not shared with anyone else in the family. Even if only one member of the family currently is a State of Delaware employee, other family members may need identity to transact business with the State of Delaware and won’t be able to use the shared email, either.

For a identity, each person needs a unique email address they alone control access to; this protects access to employment and other personal information.


My spouse and I share the same home email address; can we share a identity?
No. Even if your spouse is not a State of Delaware employee, you cannot share a identity– just like you cannot share a Delaware Driver’s License. Everyone needs their own validated identity; this requires each person to have their own individual home email address.

Why should I provide a home email address now?
An employee’s home email address will be converted to a unique username for the Okta system. An invitation to register your identity will automatically be sent to your home email, making it simple to register for my.delaware. Providing your home email now means easily going through the automatic process than obtaining a identity later when there might be a lag to fulfill your access request.

An employee will use the system to access Employee Self Service (for pay and benefit information) and other public-facing State of Delaware applications and services, such as State of Delaware Pension system and Child Support Services, for example, even after employment ends. Eventually, many kinds of transactions will require a identity which is intended to serve you for your entire lifetime.


How will the State of Delaware use my home email address?
The State intends to use the home email address an employee provides this fall to automate the creation of each employee’s lifetime identity (by writing the email address to a protected “Okta email” field in your employee file). The invitation to complete registration for your identity will be sent to your home email address.

Once you complete your registration, your identity will be granted access to Employee Self Service and other applications.


Can I select my home email address as my “preferred” email address?
Of course! It is important to know that you must select a “preferred” email address because many important communications, including benefits information, are sent via this contact method. You must designate one of your email addresses–most commonly either business or home–as “preferred” and can only have a single “preferred” email address.


What if I must change my personal email address later?
You can change your home email address (which could be used for State correspondence) anytime. However, after migration, when your home email is used to create your Okta Email (username on my.delaware), changing your home email will NOT cause any change in Okta Email which will remain your login, even if your correspondence email in Employee Self Service is changed. In rare circumstances where you must abandon a home email account because of legal or security concerns, you can work with your HR representative to change your Okta login credential to a different home email.


I do not wish to receive unsolicited emails from SOD third party agents. How will the State of Delaware protect my home email address?
The State of Delaware considers the Home email address you share in your Employee Self Service Personal Information to be confidential information. You get to choose which email (home or business) you wish the State of Delaware to use for official communications –specifically, benefits enrollment communications, for example. The State of Delaware has no intention of harvesting or selling your home email address to anyone.

The email address that you designate as “preferred” is provided to your chosen SOD benefits providers so they may do outreach to employees as needed for care or disease management, etc. You need not use your home email address for anything except to allow you to create a my.delaware identity that can be linked to your Employee Self Service identity (your Home email acts as a unique identifier for this purpose).

Why can’t I continue to use my Delaware ID to access Employee Self Service?
Your Delaware ID is for work-related applications and systems. To safeguard your lifetime online access to State of Delaware digital government services (such as your pension), you will need a identity.

Employee Self Service (ESS) is moving to to assure uninterrupted access for workers who frequently change state employers (especially those working in education), and to make electronic access to ESS available to the many workers who don’t have a state email account. Access and identity linked to a person’s home email makes this possible and puts access in the employee’s control.


Why can’t I continue use my employee ID as my username to log in?
An employee’s ID number is considered to be private information, similar to a Social Security Number, that the State of Delaware does not want to expose. The new system requires an email address for identity registration.


Why can’t I use my work/State email address for access?
The system will not accept addresses as “Home email” if the address ends in:,, or

Not all employees have work/State email addresses.

Some employees have multiple work addresses due to having multiple assignments or responsibilities.

Employees lose their work email and work-related Okta Delaware ID when state employment ends.

An Okta identity is intended to be a unique-to-you, lifetime access username to any State of Delaware-related online service. After employment ends—either by retirement or by separation—a former employee can use to see tax and pay information, access the Pension system, and continue to transact other business with the state. Access to Employee Self Service via won’t be interrupted by a change in work email due to a job change.

What is Multi-Factor Authentication?
You use to reach your Employee Self Service application. This application accesses YOUR personal data that Delaware wants to keep safe and secure. Soon, when you log into Employee Self Service on to view a paystub or view benefits, you will be prompted to set up your Multi-Factor Authentication (Extra Verification) to prove you are YOU. This keeps your information safe.

You will be presented with MFA to verify you are YOU every time you log in. Additionally, you will receive an email from myDelaware alerting you to unusual login activity. If you DO NOT recognize the login attempt, please notify immediately.

The request to set up MFA will happen automatically the first time you log back into and select the Employee Self Service application after August 2, 2022.


How many authentication factors do I need?
Delaware recommends that you set up at least TWO factors from the four choices offered:

  1. SECURITY QUESTION: choose one from a wide variety of questions available. You type in your secret answer to log in.
  2. VOICE CALL: provide a 10-digit phone number to a phone you can answer when you are logging on, such as your home phone. Your phone receives a voice call providing an access number to type into your device to log in.
  3. SMS: provide a 10-digit phone number to a text-message-enabled cell phone. Your cell phone receives a text message with a code you type into your device to log in.
  4. OKTA VERIFY: an application you can download (from Google or Apple). Download to a smartphone before setting up this factor: you will need to open the app and aim your phone’s camera at the QR code provided during set up to sync the app and your my.delaware identity.

You can select among any factors you set up when you need to authenticate (e.g., select “Security Question” if you don’t have a phone nearby).


Is there a cheat sheet for setting it up?
Instructions on this PDF provide a step-by-step, screen-by-screen walk through of what to expect when you are asked to set up MFA.


Once it is set up, do I have to do anything else?
You only need to set it up once: any other applications requiring MFA in the future will be able to use it. You can modify your choices later (add or remove factors), but only IF you have access to at least ONE factor you set up.


What do I need to do when I get a new cell phone?
If you plan to get a new cell phone, you will need to remove the factors related to the old one (i.e., SMS and Okta Verify) before you set up a new phone as a factor (if possible, do this BEFORE you get a new number/phone). Having one non-cell-phone factor set up allows you to access your identity and change your factors even if you lose your cell phone.

I used the hyperlink and now I’m stuck in a “change your password” loop that never gets me to my profile to actually change the password.
This do-loop happens when you have had your browser open for a long time and an expired cookie locks your account.

We have an hourly process that unlocks the user accounts.  We ask you to first clear your cache, and close your browser.  Give the process time (about an hour) and start with a fresh browser and then try to login again.


Oops, my Home Email doesn’t match my Okta Email in my Employee Self Service Personal Information.
If you decided to change your Home email, and registered for with the updated Home email, please reach out to your HR representative to have that person change your Okta Email to match the Home email you used to register for your my.delaware.identity. You won’t see your Employee Self Service tile until at least 48 hours after the correction to your personal information is made.


My Employee Self Service tile never showed up on dashboard!
Here are the most common issues for not getting access (the Employee Self Service tile not showing up in 48 hours after my.delaware identity registration):

  1. Background processes and timing.
    Depending on when Human Resources makes a change to your Home email in Employee Self Service and when you complete your registration, it takes up to 48 hours for the systems to sync your identity AND to assign the tile.
  2. You did not provide Human Resources with a Home Email AND Okta-MyDelaware email to put in your PHRST Employee Self Service record.
    Contact Human Resources and assure they add Home and Okta-MyDelaware email to your PHRST record. After HR has done this correctly, your tile will show up within 48 hours.
  3. Your name or the email you registered with in My Delaware doesn’t match your PHRST data.
    Contact Human Resources to confirm exactly how your name, home, and Okta-MyDelaware emails appear in PHRST; make sure that you registered on myDelaware with the same email as is in your PHRST employee data. Make sure your name in your MyDelaware settings is spelled exactly the same as it is in your PHRST employee data.
Why is access to DE-SSO changing?
Delaware needs greater security for the state network and data. Access to applications and systems protected by DE-SSO will be protected by (or id.delaware) going forward.


Who made the decision to make this change?
The State of Delaware’s Chief Security Officer and DTI, in keeping with the governance policies conferred on them by The Delaware Code statue (Title 29, Chapter 90C) which enables the Department of Technology and Information.

DTI is mandated by the legislature’s update of Title 29 Chapter 90C Subchapter III to “mitigate cyber security risks related to critical infrastructure and protected systems;” DTI’s enabling statute further provides that DTI shall have the power to:

(1) Develop and implement a comprehensive information security program that applies personnel, process, and technology controls to protect the State’s data, systems, and infrastructure, within the State’s computing environment and on partner systems. All systems that connect to the State network shall comply with the State Information Security Program.

This change in access is part of an overall hardening of the state’s defenses of your personal information and other sensitive state data against bad actors. The State of Delaware cannot retain a system that no longer adequately protects state data. Data security breaches have the potential to incur great costs, both to the state and to individuals whose information is compromised. DTI acts with the full knowledge of, and in concert with, the other state entities who are responsible for employee data: the Office of Management and Budget and the Department of Human Resources. This change is being made because the State of Delaware must act responsibly to protect state data. Title 29 clearly states:

The General Assembly further finds and declares there is a critical role of information and information systems in the provision of life, health, safety, and other crucial services to the citizens of the State of Delaware and there is a need to mitigate the risk posed to these services due to ever-evolving cybersecurity threats.

Related Topics: