In December, University IT will update Stanford’s Two-Step Authentication service to support more options. At the same time, we are taking the opportunity to update the Accounts application and give WebLogin a look more in line with Stanford’s web identity.
Two-Step Authentication Changes
Two-step authentication seeks to address the security weaknesses associated with authentication based solely on a single password. The new, cloud-based Duo service will enhance the capabilities of Stanford's previously homegrown two-step authentication by adding support for more services. Switching to Duo provides two big wins: Stanford systems that are more secure, and two-step authentication that is easier for the community to use.
Duo offers users multiple options for generating and retrieving passcodes, including the methods already commonly in use at Stanford (SMS text message or authenticator application), while adding Duo push, phone callback, and hardware token retrieval options. When Duo goes live on December 13, users will be able to set up multiple devices (e.g., a smartphone and a landline) for two-step authentication for WebLogin. Other Stanford services will start using Duo for authentication in the coming months.
As part of the project, the printed list option for two-step authentication will be phased out later in 2015. Assistance will be available to help those currently using the printed list option to switch to one of the other available methods.
WebLogin and Account Application Changes
While the WebLogin screens will look a bit different starting in mid-December, the login/authentication process is basically the same. The new look aligns with Stanford's current identity guidelines. The Accounts application will also look a little different, but more importantly, it will allow you to manage the new options available with Two-Step Authentication.
Look for further information about the transition to Duo Two-Step Authentication in the coming weeks.