Multi-Factor Authentication: Difference between revisions

From William Paterson University - Information Technology's Wiki
Jump to navigation Jump to search
Line 15: Line 15:
|}
|}


If you change mobile devices, or if your Duo App becomes disassociated with your account you will need to reactivate your App.
If you change mobile devices, or if your Duo App becomes disassociated with your account you will need to [[Multi-Factor_Authentication#Reactivating_the_Duo_App|reactivate your App]].
 
 


==Logging in to WPconnect==
==Logging in to WPconnect==

Revision as of 14:24, 9 October 2018

Multi-Factor Authentication

Multi-Factor (Two Factor) Authentication is required for William Paterson University VPN Access, and will be implemented Fall of 2018 for WPconnect and additional services. If you have not signed up for Multi-Factor Authentication, please request access using the ticket type Account -> VPN Access.

Authentication and Software

Duo App for Mobile Devices

"Duo Mobile" can be downloaded from either the Apple App Store or the GooglePlay Store.

iPhone Duo Application

Duo iphoneApp.PNG

            Android Duo Application

Duo androidApp.PNG

If you change mobile devices, or if your Duo App becomes disassociated with your account you will need to reactivate your App.

Logging in to WPconnect

After you have logged in to the "Shibboleth" login page, you will be redirected to the Multifactor Authentication page for Duo.

DuoLoginWPconnect1.png

This page will allow you to select the Device you would like to use for Authentication. You can enroll multiple phone numbers or mobile device including tablets. Note: There is an option to remember your device by using the "Remember me for 4 hours" option if you

DuoLoginWPconnect2.pngDuoLoginWPconnect2-1.png

The suggested method of Multifactor authentication is to use Duo Push which utilizes the Duo Mobile Application on your mobile phone or tablet.

DuoLoginWPconnect3.png

Additionally, you can select to receive a phone call and acknowledge you login by pressing any key, or by using a Passcode that you generate using the Duo Mobile Application or by receiving a text message.

DuoLoginWPconnect4.pngDuoLoginWPconnect4-2.png

Please note that your account will be locked out after a number of authentication failures. Please submit a ticket, or calling 973-720-4357 to have your account unlocked.

DuoLoginWPconnect5.png

DUO Device Management Portal on WPconnect

To manage your multi function authentication devices you will need to visit the DUO Device Management Portal thru WPconnect. The DUO Device Management Portal is listed as Duo under Applications. You can Add or Remove devices from this portal. Mobile devices, both cellphones and tablets, as well as Landline phone numbers can be added for Authentication.


To manage your devices you must first authenticate against one of you existing devices.

DuoManagementWPconnect1.png

Reactivating the Duo App

From Device Options you can Reactivate your Duo Application (if you have a new mobile device), or change the description of you device.

DuoManagementWPconnect3.png

Manage Devices

From My Settings & Devices you can add a device or remove an old device, or select a device to automatically send a push notification to upon login.

DuoManagementWPconnect2.pngDuoManagementWPconnect4.png


Add a new a device

DuoManagement-AddDevice1.pngDuoManagement-AddDevice2.pngDuoManagement-AddDevice3.pngDuoManagement-AddDevice4.png

DuoManagement-AddDevice5.pngDuoManagement-AddDevice6.pngDuoManagement-AddDevice7.pngDuoManagement-AddDevice8.png

Additional VPN Authentication for Cisco Any Connect Client

Multi-Factor (Two Factor) Authentication is required for William Paterson University VPN Access. If you have not signed up for Multi-Factor Authentication, please request access using the ticket type Account -> VPN Access.

Using VPN with Multi-Factor Authentication

  1. After you have set up your account, you will continue to use the Cisco AnyConnect client as you have in the past.
  2. When you provide your login credentials you will now be provided with a secondary authentication box. You can then either use an app on your android (or iphone) to generate a key OR type "push" in the secondary authentication box. Using "push" will send a notification to the app on your phone. (Using "sms" will initiate a text with an authentication key that will expire after one hour, or "phone" if you have signed up for a phone call.)

Second Password Field

The following is utilized when using the Cisco Any Connect Client for VPN. The second password field is where you define the method of multi-factor authentication you will be utilizing.

Authentication Method             Passcode
Duo App Push Verification push (See image 1. below)
Duo App to Generate Authentication Code Enter Code displayed in App (See image 2. below)
Text Message sms             (You will receive a text message with a key that will expire after one hour)
Phone Call phone         (If you have registered multiple phone numbers, enter phone1, phone2, as needed)



1. Authorizing access through the Duo App

Duo iphone2.PNG

            2. Generating a Key in the Duo App

Duo iphone1.PNG