Following last year’s strengthening of passwords for logging into UP systems, the university has taken further steps to enhance security. It is gradually introducing multi-factor authentication, a method familiar from online banking, for example. In addition to entering a username and password, users must confirm their login in a mobile app or by entering a code received via SMS. In the first phase, the change will affect only employees, and only when logging in to their e-mail accounts from networks outside UP.
Most employees of the Rector’s Office are already using this new method multi-factor authentication method; all other university staff will be prompted to adopt it in the coming weeks or months. For now, two-factor authentication will be required only when accessing e-mail from networks outside UP in potentially risky situations; it will subsequently be expanded to other university systems.
When will the second confirmation be required?
“If you access your e-mail from your work computer, this change won’t really affect you. If you also check your e-mail from home or on your phone, the system will ask you to confirm your login and will remember it. It won’t ask for confirmation next time. However, if you log in from a shared computer at a hotel or from a completely different country, the system will become alert and request login confirmation again,” explains David Skoupil, director of the UP Computer Centre (CVT). According to him, the new measure serves as a safeguard in case an unauthorised person discovers a user’s password, remotely takes control of their account, steals data, or sends e-mails in their name.
What can you do right now?
Before setting up multi-factor authentication, you need to register a “second factor” at mojeheslo.upol.cz and add a login method. “Ideally, choose ‘Microsoft Authenticator’ as your login method (see links below). This is a mobile app that you can install on your work or personal phone. Confirming your login using the app is the simplest method and takes the least amount of time,” advises the UP Computer Centre director, noting that he recommends completing the registration from a desktop computer (not a mobile phone).
As a second option, users can select “alternative phone,” choose the Czech Republic, enter a phone number, and choose whether they want the code sent via SMS or to receive a call directly to their phone. “We recommend choosing multiple login methods right away, even for multiple phone numbers if you have them. This can come in handy, for example, if your phone with the app breaks down,” adds Skoupil, noting that if someone doesn’t manage to register the second factor in advance, nothing will happen—they can enter it during their first multi-factor login.
The implementation of multi-factor authentication at UP is mandated by the Cyber Security Act. It is mandated by the Rector’s directive (after logging in). UP Computer Centre is now gradually rolling it out for all UP staff, and it will also affect students in the upcoming academic year. If you have any questions or need clarification, please get in touch with UP Computer Centre via the HelpDesk (category: MFA – multi-factor authentication).
Android Microsoft Authenticator:
https://play.google.com/store/apps/details?id=com.azure.authenticator
iOS Microsoft Authenticator:
https://apps.apple.com/us/app/microsoft-authenticator/id983156458
