Two-Factor Authentication (2FA)
Two-Factor Authentication (2FA) is an important component in Information Security. 2FA adds an additional layer of security protection to the authentication process by making it harder for attackers to gain access to a person's or online accounts.
To enhance the protection of students’ personal data and tighten the information security of the University, Lingnan University has implemented the 2FA solution.
All Lingnan students are required to enroll in 2FA for logging into the webmail system from untrust networks starting from September 1, 2018. In order to move forward for the security enhancement the authentication process, full 2FA protection for both staff and students was scheduled as below:
2FA will be extended to most of the services provided by ITSC for students. Students are required to use 2FA on most of the services when login from hostel or network out of Lingnan campus network starting from Oct 2019.
2FA will be extended to all staff. Staff is required to use 2FA on most of the services provided by ITSC when login from hostel or network out of Lingnan campus network starting from Feb 2020.
How it works?
The 2FA system requires an additional authentication layer in addition to your Lingnan username and password to ensure it is not any third party, but yourself, who accesses the services. This additional layer is usually a personal mobile device. By pairing your personal mobile device with a 2FA mobile app, the device will allow you to receive push notifications for easy, one-tap authentication. Because of this, you need to register for 2FA. Please respond to the Push Notification using your mobile device when you need to access applications supporting 2FA e.g. VPN, OWA etc.
Is the service accessible from overseas?
Yes. The service is accessible worldwide. The mobile app works well even after you have changed to use another SIM card (another phone number) during your travel. Please remember to carry your registered mobile phone/device as it is an important device to verify your identity in order to access applications supporting 2FA.
If your mobile device does not have internet access, you can obtain ByPass Code from the 2FA Registration and Device Management webpage. A ByPass Code will be sent to your registered mailbox and you can use it for the 2FA authentication.
How to register?
Log on to the 2FA Registration and Device Management to activate or manage your account.
How to access?
After logging into the 2FA activated services from untrust networks, you are required to approve your access using the Duo Mobile App.
[Important!!!] If you get an authentication request from Duo Mobile App that you weren't expecting, you must reject the request.