Two Factor Authentication FAQ

What is a Second Factor?

2 Factor Authentication (2FA) is a method of confirming a user's identity by requiring the user to present two pieces of evidence ("factors") to an authentication mechanism.

On our system, the 'first factor' is your institutional credentials, which you provide through the usual login page, while the second factor is a six digit number generated by an authentication app on the user's mobile device.

What do I need in order to obtain a second factor token?

In order to obtain a second factor token, you will need a mobile device. On that mobile device, you will then need to install Google Authenticator (or another QR code reader application that implements the Time-based One Time Password algorithm) on your mobile device. See also First_Time_Login.

Can I use an SSH key pair as an alternative second factor?

We do not currently support SSH authentication.

How do I transfer my old second factor onto my new device?

Authy

It should get synchronised automatically.

Google Authenticator

Open Authenticator on both devices. On the original device tap the three-dot menu icon followed by Transfer accounts, then Export accounts, select the accounts you want to keep and then press Next. If these options are not present then first update your Authenticator. On the new device press Import existing accounts then scan the QR code provided on the old device.

How do I get a new Second Factor?

See article How to replace my 2FA token.

Can I use the same Second Factor again?

No. You can only use each Second Factor code once and must then wait for a new Second Factor to cycle. Attempting to use the same Second Factor will cause your Authentication to fail.