Required MultiFactor Authentication Account Protection

The use of passwords alone is no longer sufficient in preventing unauthorized access of individual and institutional resources. Passwords are routinely compromised through malware, brute force attacks, phishing, and other exploits.

MultiFactor Authentication (MFA) is a two-step process that requires both a password and a second verification using a smartphone or a small token device that you carry with you. The University of California is adopting an MFA product called “Duo” and most UC campuses now require it to access institutional resources or soon will.

Over coming months, Duo MFA will become required for all staff and faculty web application access; the requirement will expand to the campus VPN and other services over time.

Phased Transition

To prevent undue impact from the transition, a phased approach will help ensure assistance is available to you. The transition is expected to be implemented for all administrative units and a subset of academic units by June 15, 2019, with a complete transition by October 15, 2019. Transition to MFA by the Division of Finance and Administration is already underway.

Setting Up Duo MFA

Setting up Duo MFA for your UCInetID web logins is a straightforward process. Once set up, confirming your login is as simple as touching a permissions dialog on your smartphone. For those who cannot use a smartphone, we will provide individual hardware tokens that can be used instead.

For more information or to setup Duo MFA now please see www.oit.uci.edu/mfa.

Additional information and schedules will be shared as the implementation unfolds. Our help desk is available to answer questions or assist (oit@uci.edu, 949-824-2222).

Thank you,

Dana Roode
Chief Information Officer and
Associate Vice Chancellor

Kian Colestock
Associate Chief Information Officer

Scroll Up