There are recent reports from a couple of local universities on unauthorized accesses to their administrative systems, attributable to the inadvertent disclosure of passwords of some users. These incidents serve to remind us of the importance of securing our own passwords as always. Taking this opportunity, we would also like to draw your attention to a recent initiative targeted at securing access to critical systems.
Two-Factor Authentication (2FA) is an enhanced mechanism for logon. After entering your password, you will be prompted to confirm your access with a designated device (e.g. your mobile phone). Essentially this helps prevent unauthorized access even if the password of a user is compromised.
2FA is commonly deployed in major North American universities as well as for Internet banking. Since early this year, ITSC has been working with ISO and other units on campus to promote the use of 2FA by all staff and students. Access to certain critical systems including the administrative applications will mandatorily require the use of 2FA. We are working with departments to implement the needed changes in a phase by phase manner and the adoption is targeted to complete by the end of 2017.
Like many other sites in the world, our users' feedbacks on the use of 2FA have been positive after using it for a while. Please understand that this is an important cybersecurity protection for individual users as well as the University because unauthorized access to critical systems put both at risk.
You are highly encouraged to join the growing number of colleagues who have adopted this new protection as soon as possible. For an up-to-date list of services and applications supported by 2FA as well as further details about this service, please refer to: