OVERVIEW
In an effort to increase cyber security on Palo Alto University’s IT networks and to be compliant with liability insurance requirements, 2-step authentication (2SA) will be enabled on all PAU community members’ OneLogin accounts. All Palo Alto University community members who utilize OneLogin to access University software applications will need to enable at least one option of 2-step authentication on their OneLogin account.
The two options for 2-step authentication are: the Google Authenticator App and SMS Text Messaging via a third party, Twilio, both using your smartphone. It is required to install at least one of these options, but it is recommended to install both so there is a back-up method in place in case one of the methods is not functioning properly. For example, SMS Text messages may be delayed or not work based on the quality of the cell service and where you are located at any given time (i.e. it may not work in a basement). Instructions on how to install and use both of these methods are detailed below.
After the initial set-up is complete, anytime that a PAU community member logs into OneLogin, they will be prompted to enter a unique access code into OneLogin, which will be delivered either to the Google Authenticator app on their smartphone or via SMS text message to their mobile device. The code will need to be entered into OneLogin to gain access to any of the applications that are contained within OneLogin (i.e. GMail, Google Drive, Canvas, DocuSign, MyPAU portal, Pingboard, Qualtrics, Zendesk, etc.)
A. How to Set up Multi-Factor Authentication
Option 1: GOOGLE AUTHENTICATOR PHONE APP (One-time Activation Steps (Using your smartphone & the computer))
Overview: Associate OneLogin to your smartphone via the Google Authenticator app as follows:
1. On your smartphone, download the Google Authenticator app:
2. On your computer, log into OneLogin and go into your profile by clicking on your name in the top right corner:
3. Click on Security Factors and the Add Factor button.
4. Click on Authenticator and a QR code will appear:
5. On your smartphone, open the Google Authenticator app and select Add a Code.
6. On your smartphone, click on Scan a QR Code; a 6-digit code will appear, which will change approximately every 30 seconds:
7. On your computer, click Next and enter the code, and then click on Continue
8. When you see the Authenticator displayed in your profile, the one-time set up has been completed.
9. AFTER YOU HAVE BOTH OPTIONS SET UP (AUTHENTICATOR AND TEXTING), you will need to select one as the default or “primary”. Click on the Options button to select as Primary. You may select either authenticator or SMS Texting as primary.
ON-GOING USE:
- Anytime that you log into OneLogin, you will be prompted to enter the unique access code (which changes every 30 seconds) that is contained within the Authenticator App on your mobile device. Depending on how the settings on your computer are configured, you may be prompted to enter the access code only the first time you log in each day or after rebooting, or you may be prompted to enter the access code every time that you log into OneLogin throughout the day.
- Each time you log into OneLogin, your primary option will be used. If it is not working, if you have installed the other option, you may “Change the Authentication Factor” by clicking the link as pictured below:
Option 2: SMS TEXT MESSAGING (One-time Activation Steps on your computer)
Overview: Set up your OneLogin account with SMS Texting via the third-party vendor, Twilio, as follows:
1. An Opt-In Form must be completed in order to receive SMS text messages from our vendor, Twilio. Click here to complete the form, which can also be found on the home page of the PAU Portal. The IT Department will reach out to you after they have received your form and sent your mobile phone number to Twilio.
2. Once the IT Department has given you the go-ahead, you will need to enable your OneLogin account as follows: From your computer, log into OneLogin and go into your profile by clicking on your name in the top right corner:
3. Click on Security Factors and the Add Factor button.
4. Select Mobile Text:
5. You will receive a code on your mobile device, Enter that code into the OneLogin window and select Continue.
6. When you see the Mobile Text icon displayed under the Security Factors, the one-time set-up has been completed.
7. AFTER YOU HAVE BOTH OPTIONS SET UP (AUTHENTICATOR AND TEXTING), you will need to select one as the default or “primary”. Click on the Options button to select as Primary. You may select either Authenticator or SMS Texting as Primary:
ON-GOING USE:
- Anytime that you log into OneLogin, you will be prompted to enter the unique access code (which changes every 30 seconds) that is contained within the Authenticator App on your mobile device. Depending on how the settings on your computer are configured, you may be prompted to enter the access code only the first time you log in each day or after rebooting, or you may be prompted to enter the access code every time that you log into OneLogin throughout the day.
Note: Each time you log into OneLogin, your primary option will be used. If it is not working, if you have installed the other option, you may “Change the Authentication Factor” by clicking the
link as pictured below:
B. How to Change Authentication Methods
Each time you log into OneLogin, the option that is designated as “primary”, in your OneLogin profile settings will be used. Only if you have both authentication methods activated in your OneLogin profile (Authenticator App and SMS Texting) can you change your method either by default (aka primary) or temporarily change the method for a single use. You may toggle between them as often as you wish.
You may decide to change methods for various reasons, including: convenience of use or if one method doesn’t work consistently, i.e., cell coverage is not optimal in certain circumstances to receive SMS text messages.
To Change your default or Method:
1. On your computer, log into OneLogin and go into your profile by clicking on your name in the top right corner:
2. Click on Security Factors, and click on “Options” next to the authentication method that you wish to make the default:
3. Select “Set as primary.”
4. The security factor that you have selected will move to the top of the list and will now become your primary for your 2-step authentication.
To Temporarily Change your Authentication Method (for a single use):
If your primary authentication method does not work when you log into OneLogin, you may “Change the Authentication Factor” by clicking the link as pictured below. This will change the method for a single use.
0 Comments