Multi-Factor Authentication

Section 1

Angel Rivera: Training Lead

Multi-Factor Authentication

Multi-Factor Authentication (MFA) – sometimes called 2-step verification provides an extra layer of security beyond your username and password to protect you against account hijacking.

Many online services offer this extra security protection to help ensure it’s actually you trying to access your account – not just someone who stole or guessed your password. Based on the recommendations of the Academic Senate and information security leadership, there is system-wide support within UC to adopt these stronger security controls. This is essential for services like UCPath to better protect the safety of your data and the integrity and authenticity of changes made to your accounts. Once UCPath launches, employees will need MFA to access the UCPath Portal and to update your information.

OIT uses Duo for Multi-Factor Authentication, where in addition to username and password, you type a unique one-time use code or tap a push notification on your mobile device to approve a login request. OIT offers two types of Duo tokens:

  • Software Tokens
    • The token is in an app called Duo Mobile that you download on your mobile device that also offers the easy-to-use “push” capability in addition to generating the required unique codes.
  • Hardware Tokens
    • This option is for users who prefer not to use a mobile device. This physical fob device generates the required unique codes and you can place this token on your keychain, for example.

In addition, you can generate emergency backup codes to keep with you in preparation for urgent situations where you need to log in but your token isn’t working, and as always the OIT Help Desk is available to help if you encounter any issues. More information and instructional videos can be found at http://ucpath.uci.edu/training/Training_Resources/index.php. Watch for more information as we get closer to UCPath launch.