MFA: More security for your data
ETH is going to introduce multi-factor authentication (MFA) this autumn. From then on, applications such as Microsoft 365, Google Workspace, Adobe Creative Cloud and Zoom will require a second factor in addition to the familiar ETH user name and password Read on to find out how this will affect your daily work.
Identity theft on the net, hacked access data and cyberattacks: almost every day, there are reports in the media of these kinds of attacks on the IT security of companies and institutions.The attackers gain access to systems, and among other things, steal and encrypt sensitive data and subsequently demand a ransom to decrypt or release the data they have hijacked.
ETH is not immune to this either. In the coming months, IT Services will introduce multi-factor authentication to increase the security of our data.
Multi-factor what?
You may be familiar with this system from your bank account: after you’ve entered your password, you’re asked for a second factor – for example, a code consisting of numbers and letters sent to your mobile phone. This “second hurdle” in the login process is known as multi-factor authentication (MFA). MFA makes it much more difficult for cybercriminals to gain access to a user account and the data it holds.
This is how MFA will work at ETH
To increase the security of our data, IT Services will introduce multi-factor authentication for all members of the ETH community – employees as well as students – in the second half of 2022. The first step will be to update central cloud applications such as Microsoft 365, Google Workspace, Adobe Creative Cloud and Zoom.
Specifically, this means that, in the future, a one-time password (OTP) will be required in addition to your normal password when logging on to, say, Zoom. This OTP code will be generated by what is known as an authenticator app, which you can get from the app store on your mobile phone. For Zoom and the like, however, you won’t need to generate an OTP code every time you log on, just at regular intervals.
“The new solution will raise the hurdle for attackers. MFA will play a major role in making our user accounts at ETH and the sensitive and valuable data they contain more secure,” says ETH President Jo?l Mesot. “So I would like to sincerely thank all members of the ETH community for their understanding and their willingness to take an extra step to make our data more secure.”
Now, what does this mean for you?
Nothing will change for the time being. Starting in August 2022, MFA will be rolled out across the ETH community. Until then, the login process for Zoom, Office 365 and so on will remain as usual.
You will receive more detailed information about the necessary authenticator app and MFA registration as well as a detailed description of the login process a few weeks prior to the rollout of MFA.
If you have questions beforehand, please consult the ITS Service Desk.
Further information
ITS Blog: Prevent identity theftAlways up to date
Would you like to always receive the most important internal information and news from ETH Zurich? Then subscribe to the "internal news" newsletter and visit Staffnet, the information portal for ETH employees.