Slide 1

The Office of Information Technology Two-Factor Authentication

Slide 2

The Office of Information Technology What is two-factor authentication? Why are we implementing two-factor? What is affected? What tool is used and how does it work?

Slide 3

The Office of Information Technology What is two-factor authentication? Authentication is based on factors Knowledge factors (something you know, like a password or passphrase) Possession factors (something you have, like a phone or other token) Inherence factors (something you are, like a fingerprint or other biometrics) Adding a check of something you have to the regular myUTSA passphrase check (something you know) provides two- factor authentication

Slide 4

The Office of Information Technology Why are we implementing two-factor authentication? If the secret in a single-factor authentication scheme gets compromised, full authentication is possible Successful phishing attacks can compromise single-factor authentication UT System memo requiring two-factor authentication in certain cases Phishing attacks at UT System institutions resulting in financial losses Deadline for compliance is August 31, 2015

Slide 5

The Office of Information Technology What services will be affected by two-factor authentication? Connecting to the UTSA network via VPN or terminal services such Citrix July 1 Server admin or other individual working from a remote location accessing a server containing confidential university data must use VPN Connecting to UTShare to view or modify employee banking or financial information August 1 Faculty services tab in ASAP November 2015

Slide 6

The Office of Information Technology What tool is used and how does it work? We will use mobile devices to provide two-factor authentication using a tool called Toopher Toopher works with both iPhones and Android phones, and provides SMS (text messaging) or one-time password options for users without a smartphone

Slide 7

The Office of Information Technology How does it work? The first time a user accesses a Toopher- protected application, they are asked to pair their myUTSA account with Toopher Pairing is a simple one-time task that only takes a few seconds Once paired, the users smartphone, SMS number, or OTP sheet is now their token to provide the second factor

Slide 8

The Office of Information Technology How does it work? Once their myUTSA account is paired with Toopher, users will be challenged to use their token (smartphone, SMS text, OTP) when they login to any Toopher-protected applications

Slide 9

The Office of Information Technology Toopher Walkthrough

Slide 10

The Office of Information Technology Pairing with the Toopher app

Slide 11

The Office of Information Technology

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Slide 23

Authenticating using the app

Slide 24

The Office of Information Technology

Slide 25

Slide 26

Slide 27

Slide 28

Slide 29

Slide 30

Un-pairing with the app

Slide 31

The Office of Information Technology

Slide 32

Slide 33

Slide 34

Unpairing using self-service

Slide 35

The Office of Information Technology

Slide 36

Slide 37

Slide 38

Slide 39

Slide 40

Slide 41

Slide 42

Un-pairing using accountclaim.utsa.edu

Slide 43

The Office of Information Technology

Slide 44

Slide 45

Slide 46

Slide 47

Slide 48

Pairing using SMS (text messaging)

Slide 49

The Office of Information Technology

Slide 50

Slide 51

Slide 52

Slide 53

Slide 54

Authenticating using SMS

Slide 55

The Office of Information Technology

Slide 56

Slide 57

Slide 58

Slide 59

Slide 60

Pairing using One-Time Passwords

Slide 61

The Office of Information Technology

Slide 62

Slide 63

Slide 64

Slide 65

Slide 66

Slide 67

Slide 68

Authenticating using OTP

Slide 69

The Office of Information Technology

Slide 70

Slide 71

Slide 72

Slide 73

Slide 74

Using the OTP option from the app

Slide 75

The Office of Information Technology

Slide 76

Slide 77

Slide 78

Slide 79

Slide 80

Questions?