Multi-Factor Authentication: Difference between revisions

From William Paterson University - Information Technology's Wiki
Jump to navigation Jump to search
(Redirected page to Multifactor Authentication)
 
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
#REDIRECT [[Multifactor_Authentication]]
==Multi-Factor Authentication==
 
Multi-Factor (Two Factor) Authentication is required for William Paterson University VPN Access, and will be implemented Fall of 2018 for WPconnect and additional services.  If you have not signed up for Multi-Factor Authentication, [http://www.wpunj.edu/help please request access using the ticket type Account -> VPN Access].
 
==Authentication and Software==
 
===Duo App for Mobile Devices===
"Duo Mobile" can be downloaded from either the Apple App Store or the GooglePlay Store.
 
{| style="text-align: center;"
|'''iPhone Duo Application''' <p>[[File:duo_iphoneApp.PNG|200px]]</p>
|&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
|'''Android Duo Application''' <p>[[File:duo_androidApp.PNG|200px]]</p>
|}
 
If you change mobile devices, or if your Duo App becomes disassociated with your account you will need to reactivate your App.
 
 
 
==Logging in to WPconnect==
 
After you have logged in to the "Shibboleth" login page, you will be redirected to the Multifactor Authentication page for Duo.
 
[[File:DuoLoginWPconnect1.png|300px]]
 
This page will allow you to select the Device you would like to use for Authentication.  You can enroll multiple phone numbers or mobile device including tablets.
'''Note: There is an option to remember your device by using the "Remember me for 4 hours" option if you '''
 
[[File:DuoLoginWPconnect2.png|300px]][[File:DuoLoginWPconnect2-1.png|300px]]
 
The suggested method of Multifactor authentication is to use Duo Push which utilizes the [[Multi-Factor_Authentication#Duo_App_for_Mobile_Devices|Duo Mobile Application]] on your mobile phone or tablet.
 
[[File:DuoLoginWPconnect3.png|400px]]
 
Additionally, you can select to receive a phone call and acknowledge you login by pressing any key, or by using a Passcode that you generate using the [[Multi-Factor_Authentication#Duo_App_for_Mobile_Devices|Duo Mobile Application]] or by receiving a text message.
 
[[File:DuoLoginWPconnect4.png|300px]][[File:DuoLoginWPconnect4-2.png|400px]]
 
'''Please note that your account will be locked out after a number of authentication failures.'''  Please [https://www.wpunj.edu/helpdesk submit a ticket], or calling 973-720-4357 to have your account unlocked.
 
[[File:DuoLoginWPconnect5.png|300px]]
 
==DUO Device Management Portal on WPconnect==
 
To manage your multi function authentication devices you will need to visit the DUO Device Management Portal thru WPconnect.  The DUO Device Management Portal is listed as Duo under Applications.  You can Add or Remove devices from this portal.  Mobile devices, both cellphones and tablets, as well as Landline phone numbers can be added for Authentication.
 
 
To manage your devices you must first authenticate against one of you existing devices.
 
[[File:DuoManagementWPconnect1.png|300px]]
 
From '''My Settings & Devices''' you can add a device or remove an old device
 
[[File:DuoManagementWPconnect2.png|300px]][[File:DuoManagementWPconnect4.png|300px]]
 
===Reactivating the Duo App===
You can select to automatically send a push notification to your default device at login thru this portal.
 
[[File:DuoManagementWPconnect3.png|300px]]
 
 
From '''Device Options''' you can '''Reactivate your Duo Application''' (if you have a new mobile device), or change the description of you device.
 
[[File:DuoManagement-AddDevice1.png|300px]][[File:DuoManagement-AddDevice2.png|300px]][[File:DuoManagement-AddDevice3.png|300px]][[File:DuoManagement-AddDevice4.png|300px]]
 
[[File:DuoManagement-AddDevice5.png|300px]][[File:DuoManagement-AddDevice6.png|300px]][[File:DuoManagement-AddDevice7.png|300px]][[File:DuoManagement-AddDevice8.png|300px]]
 
==Additional VPN Authentication for Cisco Any Connect Client==
 
Multi-Factor (Two Factor) Authentication is required for William Paterson University VPN Access.  If you have not signed up for Multi-Factor Authentication, [http://www.wpunj.edu/help please request access using the ticket type Account -> VPN Access].
{{#ev:youtube|pgrzRIQ9874|400}}
 
===Using VPN with Multi-Factor Authentication===
 
#After you have set up your account, you will continue to use the [[#Client VPN Application|Cisco AnyConnect client]] as you have in the past.      <!-- <p>[[File:2FA.gif]]</p> -->
#When you provide your login credentials you will now be provided with a [[#Second Password Field|secondary authentication]] box.  You can then either use an [[#Duo App for Mobile Devices|app]] on your android (or iphone) to generate a key OR type "push" in the [[#Second Password Field|secondary authentication]] box.  Using "push" will send a notification to the app on your phone.  (Using "sms" will initiate a text with an authentication key that will expire after one hour, or "phone" if you have signed up for a phone call.)
 
===Second Password Field=== 
 
The following is utilized when using the Cisco Any Connect Client for VPN.  The second password field is where you define the method of multi-factor authentication you will be utilizing.
 
{|
! style="text-align:left;"|Authentication Method
!  &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
! style="text-align:left;"|Passcode
|-
|Duo App Push Verification
|push
|(See image 1. below)
|-
|Duo App to Generate Authentication Code
|     
|Enter Code displayed in App
|(See image 2. below)
|-
|Text Message
|sms &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
|(You will receive a text message with a key that will expire after one hour)
|-
|Phone Call
|phone &nbsp; &nbsp; &nbsp; &nbsp;
|(If you have registered multiple phone numbers, enter phone1, phone2, as needed)
|}
 
<br><br>
{|  style="text-align: center;"
| 1. Authorizing access through the Duo App
<p>[[File:duo_iphone2.PNG|200px]]</p>
| &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
| 2. Generating a Key in the Duo App 
<p>[[File:duo_iphone1.PNG|200px]]</p>
|}

Latest revision as of 15:04, 11 October 2018