Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Office of Information Technology Two-Factor Authentication.

Similar presentations


Presentation on theme: "The Office of Information Technology Two-Factor Authentication."— Presentation transcript:

1 The Office of Information Technology Two-Factor Authentication

2 The Office of Information Technology What is two-factor authentication? Why are we implementing two-factor? What is affected? What tool is used and how does it work?

3 The Office of Information Technology What is two-factor authentication?  Authentication is based on factors  Knowledge factors (something you know, like a password or passphrase)  Possession factors (something you have, like a phone or other token)  Inherence factors (something you are, like a fingerprint or other biometrics)  Adding a check of “something you have” to the regular myUTSA passphrase check (“something you know”) provides two- factor authentication

4 The Office of Information Technology Why are we implementing two-factor authentication?  If the secret in a single-factor authentication scheme gets compromised, full authentication is possible  Successful phishing attacks can compromise single-factor authentication  UT System memo requiring two-factor authentication in certain cases  Phishing attacks at UT System institutions resulting in financial losses  Deadline for compliance is August 31, 2015

5 The Office of Information Technology What services will be affected by two-factor authentication?  Connecting to the UTSA network via VPN or terminal services such Citrix – July 1  Server admin or other individual working from a remote location accessing a server containing confidential university data must use VPN  Connecting to UTShare to view or modify employee banking or financial information – August 1  Faculty services tab in ASAP – November 2015

6 The Office of Information Technology What tool is used and how does it work?  We will use mobile devices to provide two-factor authentication using a tool called Toopher  Toopher works with both iPhones and Android phones, and provides SMS (text messaging) or one-time password options for users without a smartphone

7 The Office of Information Technology How does it work? The first time a user accesses a Toopher- protected application, they are asked to pair their myUTSA account with Toopher Pairing is a simple one-time task that only takes a few seconds Once paired, the user’s smartphone, SMS number, or OTP sheet is now their token to provide the second factor

8 The Office of Information Technology How does it work? Once their myUTSA account is paired with Toopher, users will be challenged to use their token (smartphone, SMS text, OTP) when they login to any Toopher-protected applications

9 The Office of Information Technology Toopher Walkthrough

10 The Office of Information Technology Pairing with the Toopher app

11 The Office of Information Technology

12

13

14

15

16

17

18

19

20

21

22

23 Authenticating using the app

24 The Office of Information Technology

25

26

27

28

29

30 Un-pairing with the app

31 The Office of Information Technology

32

33

34 Unpairing using self-service

35 The Office of Information Technology

36

37

38

39

40

41

42 Un-pairing using accountclaim.utsa.edu

43 The Office of Information Technology

44

45

46

47

48 Pairing using SMS (text messaging)

49 The Office of Information Technology

50

51

52

53

54 Authenticating using SMS

55 The Office of Information Technology

56

57

58

59

60 Pairing using One-Time Passwords

61 The Office of Information Technology

62

63

64

65

66

67

68 Authenticating using OTP

69 The Office of Information Technology

70

71

72

73

74 Using the OTP option from the app

75 The Office of Information Technology

76

77

78

79

80 Questions?


Download ppt "The Office of Information Technology Two-Factor Authentication."

Similar presentations


Ads by Google