Introduction
The ITS Private Cloud recently introduced in v2021.11.0 Multi Factor Authentication with Time-based One-Time Password (TOTP) in order to provide an additional layer of security when generating an Access Token to manage your virtual infrastructure.
MFA with TOTP is opt-in based.
Time-based OTP generation and delivery methods supported by the ITS Private Cloud include:
Authenticator: DUO, Microsoft Authenticator, Google Authenticator, Auhty, etc.
Email: OTP code is sent upon request via email to the main account.
SMS: OTP code is sent upon request via SMS to a given phone number during setup.
\uD83D\uDCD8 Enable MFA
Login to https://vss-portal.eis.utoronto.ca
Go to the top-right corner where your Gravatar image is shown.
Click on Settings
Click on the Security Tab:
Toggle Two-factor authentication to start configuration.
Select your preferred method to setup between Authenticator, SMS and Email.
Follow the instructions and verify the MFA setup.
Save your recovery codes:
At next login, you will be prompted to provide an MFA code as follows:
\uD83D\uDCD8 Disable MFA
Login to https://vss-portal.eis.utoronto.ca
Go to the top-right corner where your Gravatar image is shown.
Click on Settings
Click on the Security Tab:
Toggle Two-factor authentication to disable MFA. Once toggled to the disable state, type your password to confirm and click Verify.
An email will be sent with a confirmation token that then has to be pasted in the form.
Click on Verify and if the token is valid, your MFA setup will be removed.
The token to disable MFA is valid for 15 minutes.