Authentication With MFA
Why is This Happening?
UF is a high-value target for attacks designed to steal research data and intellectual discoveries. This change is part of our ongoing efforts to strengthen the university’s security posture: since adopting multi-factor authentication, UF has seen a 99.7% decrease in compromised accounts. MFA prevents unauthorized access to your HiPerGator account by requiring a second authentication method in addition to your GatorLink credentials.
How Does This Change the User Experience?
Once implemented, HiPerGator Secure Shell (SSH) connections will no longer accept SSH keys. Users will have to provide their GatorLink username and a password after which they will see a text menu asking them to select an MFA method. Available methods are based on what you have configured in the My Two-Factor page . Anyone who has used other UF services, like myUFL or the UF VPN, will be familiar with this process.
The short video here demonstrates the process of logging in with an ssh client using a password. After the password is entered, the terminal prompts for a Duo passcode (e.g. 6-digit code from a token or Duo application) or allows you to select from one of your pre-configured MFA options using a numerical selection. [VIDEO to COME]
What if I Don't have Duo MFA Enabled?
If your account is not registered with UF's Duo MFA service, you will see an error like this:
We're sorry, access is not allowed because you are not enrolled. Please contact your organization's IT help desk for assistance.
You will need to sign up for Duo Authentication.