![]() ![]() (An example of a Security Key would be the YubiKey) ![]() Security Keys (Webauthn & U2F): Insert your security key into your computer and touch it to activate the key.Enter the One-time Passcode into the text field and click on “Log in” to log in the service. If you have been issued a hardware token, you can click on the button on the hardware token to generate a One-time Passcode. Hardware Token: U of T will issue hardware tokens to users upon request and approval.Type it into the text field, then click on “Log in” to log into the service. Mobile Passcode: You can find the passcode from your UTORMFA account in the Duo mobile app on the registered mobile device.Tap on “approve” on the mobile device to complete the login process. Push: You will receive a push notification on your UTORMFA registered mobile device.All other users of that application are protected with “Standard” as defined above.Hybrid policy protects a group of users with “Enhanced” protection as defined above.(See Note 2)įor applications protected by hybrid policies: Authentication will “fail open” in the event of a Duo outage.If you have not enrolled into UTORMFA, you will not be prompted.Optionally, you may decide to trust your device and will only receive a UTORMFA prompt every seven days. If you are not connected to a trusted U of T network, you will be prompted with UTORMFA.If you are connected to a trusted U of T network (excluding Wi-Fi and virtual private network (VPN) connections), you will not be prompted to authenticate with UTORMFA and you can continue to access the application as usual.Authentication will “fail close” in the event of a Duo outage.įor applications protected by standard policies:.Permissible authentication methods: Duo Push, Duo Mobile Passcode, hardware tokens and Security Keys (U2F and WebAuthn).If you are not enrolled in MFA, you will be denied access to the application.You will need to authenticate again if your application has a time out. ![]() You will be prompted to authenticate with UTORMFA every login.Applications are managed by standard and enhanced requirements, depending on the data classification and criticality of the application (updated May 2020).įor applications protected by enhanced policies: ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |