Protecting Access to Administrative Systems with Two-Factor Authentication (2FA)
There are recent reports from a couple of local universities on unauthorized accesses to their administrative systems, attributable to the inadvertent disclosure of passwords by some users. These incidents serve to remind us of the importance of securing our own passwords as always. Taking this opportunity, we would also like to draw your attention to a recent initiative targeted at securing access to critical systems.
Two-Factor Authentication (2FA) is an enhanced mechanism for logon. After entering your password, you will be prompted to confirm your access with a designated device (e.g. your mobile phone). Essentially this helps prevent unauthorized access even if the password of a user is compromised.
2FA is commonly deployed in major North American universities as well as for Internet banking. Since early this year, ITSC has been working with ISO and other units on campus to promote the use of 2FA by all staff and students. Now we are pleased to announce that access to most administrative applications maintained by ISO can be protected by 2FA.
To enjoy this extra protection, please follow 2 simple steps:
- Enroll into the 2FA service using your mobile device:
http://itsc.ust.hk/services/cyber-security/duo/setup-two-factor-authentication
- Migrate your Administrative Password to use ITSC password and 2FA:
https://www.ab.ust.hk/ai/ai_migrate_2_2FA.htm
While adoption of 2FA is voluntary at this moment, access to certain critical systems including the administrative applications will mandatorily require the use of 2FA by the end of 2017. This is for the protection of individual users as well as the University because unauthorized access to critical systems put both at risk.
You are highly encouraged to join the growing number of colleagues who have adopted this new protection as soon as possible. For an up-to-date list of services and applications supported by 2FA as well as further details about this service, please refer to:
http://itsc.ust.hk/cyber-security/2FA
Please do not hesitate to contact our Service Desk (Ext : 6200) or email to cchelp@ust.hk in case you need any assistance.