Two Factor Authentication, also known as 2FA, two step verification or TFA, is an extra layer of security that is known as "multi factor authentication" that requires not only a password and username but also something that only that user has on them.
The University’s 2FA provider is a company named Duo Security (Duo for short). After you enroll in 2FA and when you log in to an RCC system, you will enter your username (CNetID) and password (something you know) as you do now. Then use your smartphone or another device (something you have) to verify your identity.
Two-factor authentication (2FA) makes accessing the Research Computing Center’s (RCC) high-end computing infrastructure, Midway, more secure. Implementing 2FA prevents anyone but you from using your account to log into Midway and other University websites, even if they know your CNetID password. 2FA verifies your identity when you sign into Midway using your CNetID by sending a code to your device (e.g. via mobile phone, landline, tablet, or hardware token).
Beginning in November 2018, all RCC users will be required to enroll in and use 2FA to log in to RCC computational systems.
Check out the Frequently Asked Questions section for additional questions and answers regarding the RCC’s 2FA requirement.
Below are some answers to many commonly asked questions.
After you enroll in 2FA and when you log in an RCC system, you will enter your CNetID and password, and then use your smartphone or another device to verify your identity. You will have to use 2FA everytime you log in to an RCC system.
You can register a mobile phone, tablet, landline, or a hardware token. You are encouraged to register at least two devices with 2FA to avoid difficulties with verifying your identity if your only enrolled device is unavailable.
Go to the Manage Devices webpage and click ‘Print One-time Passcodes’.
Yes. All valid users on Midway are eligible for 2FA. Please go to UChicago 2FA to start enrolling.
UChicago alumni who have a valid Midway account are eligible for 2FA.
RCC will support key-based SSH in very rare circumstances to avoid bypassing 2FA. Please contact us if you need to use this service to discuss the options.
If you have the Duo app on your phone or any other device, you could use the push method if you are connected to the Internet. From the Duo app you can also generate passcodes without being connected to network. Please see here for more information.
When you use 2FA to login to Midway (using an SSH client or ThinLinc), the session will last until you logout from Midway. The next time that you want to connect to Midway, you need to use 2FA to gain access.
The SAMBA service will not be affected by 2FA.
Read more Here.