Two-factor authentication: also known as 2 steps authentication that two different elements are combined and used to confirm the identity of user, which commonly combines password and personal device (such as mobile phone or token) to process the 2 steps authentication. After the user successfully completes the first-step authentication, the system requires the user to use the registered device like mobile phone or token for the second-step authentication. This dual authentication method can effectively improve the safety of the user account.
Comparing the two-factor authentication mode with the traditional authentication mode we are now using, the security level is reactively lower, therefore, it may result in some network security incidents if the user’s password is attacked or stolen in some cases. For example, when an e-mail account is attacked and stolen, the embezzler may send phishing e-mails or conducting online scams through that e-mail account, so that more people’s personal information and passwords are defrauded and become the target of online fraud.
Most importantly, as we are now using the traditional authentication methods to access most internal resources like e-mail, student information system and human resources management system, etc., the security of user account is very important. With the two-factor authentication system, it can protect user accounts more effectively while user accessing the internal resources and also ensure the security of individuals and the University internal information.
The newly established Cybersecurity law <<網絡安全法>> will be released in 2019. The relevant regulations will need a more accurate record of the user’s usage log, thus, the account being stolen will lead to more serious consequences, and the two-factor authentication system will provide a more secure authentication solution for UM users, which will greatly reduce the risk of leaking an account in various situations.
Due to the large number of students and staff, two-factor authentication services will be implemented for some users at this stage, users will apply voluntarily.
|Serving User Groups||Students, Staff|
Please refer to the following 2FA web page and user manuals for detailed steps or information:
- Information and Communication Technology Office (ICTO)
- Director of ICTO
- Academic Computing and Technology Services Section (ACTS)
- Information Management Section (IMS)
- Infrastructure and User Services Section (IUS)
- Information Security Team (IST)
- Key Projects
- History and Milestones
- Performance Indicators