Mandatory Multi-Factor Authentication for ITS Private Cloud Portal, API, and CLI
TL;DR; Starting June 18, 2024, Multi-Factor Authentication (MFA) will be mandatory for accessing the ITS Private Cloud Portal, API, and command-line interface (CLI). Prepare by following How-to Manage Multi-Factor Authentication (MFA) .
Starting from June 18, 2024, Multi-Factor Authentication (MFA) will be mandatory for accessing the ITS Private Cloud Portal, API, and command-line interface (CLI). This important update aims to enhance the security of our services in response to the evolving threat landscape.
Background
In October 2021, the ITS Private Cloud introduced optional MFA to provide an additional layer of security for our users. MFA was available via Time-based One-Time Password (TOTP) with three options for token generation:
Authenticator apps (e.g., DUO, Google Authenticator, Authy) [Recommended]
Email
SMS
Why is MFA Becoming Mandatory?
The decision to enforce MFA is driven by the need to protect user accounts, virtual machines (VMs) and sensitive information more effectively. The current security landscape is increasingly complex, with rising threats from cyber attacks, phishing, and other malicious activities. MFA significantly reduces the risk of unauthorized access by requiring a second form of verification, making it much harder for attackers to gain access to user accounts.
What Does This Mean for Users and How to prepare?
The next time you interact with the ITS Private Cloud Portal, API, or CLI, if MFA is not enabled on your account, you will encounter an error message. This message will prompt you to set up MFA before you can proceed. The setup process is straightforward and involves the following steps:
ITS Private Cloud Command Line Interface: Multi Factor Authentication with Time-based One-Time Password (TOTP)
ITS Private Cloud API: Multi-Factor Authentication with TOTP
ITS Private Cloud Portal: Manage Multi-Factor Authentication (MFA) via the ITS Private Cloud Portal
To ensure a smooth transition, we recommend enabling MFA on your account as soon as possible. Here’s a quick guide to get you started: How-to Manage Multi-Factor Authentication (MFA)
Need Help?
If you have any questions or need assistance with setting up MFA, just contact vss (at) eis (dot) utoronto (dot) ca and we will be there to help.
Related content
University of Toronto - Since 1827