How-to Manage Multi-Factor Authentication (MFA) via the ITS Private Cloud Portal
Introduction
The ITS Private Cloud recently introduced in v2021.11.0 Multi Factor Authentication with Time-based One-Time Password (TOTP) in order to provide an additional layer of security when generating an Access Token to manage your virtual infrastructure.
Mandatory Multi-Factor Authentication for ITS Private Cloud Portal, API, and CLI Starting June 18, 2024, Multi-Factor Authentication (MFA) will be mandatory for accessing the ITS Private Cloud Portal, API, and command-line interface (CLI).
Time-based OTP generation and delivery methods supported by the ITS Private Cloud include:
Authenticator: DUO, Microsoft Authenticator, Google Authenticator, Auhty, etc.
Email: OTP code is sent upon request via email to the main account.
SMS: OTP code is sent upon request via SMS to a given phone number during setup.
Enable MFA
Login to https://vss-portal.eis.utoronto.ca
Go to the top-right corner where your Gravatar image is shown.
Click on Settings
Click on the Security Tab:
Toggle Two-factor authentication to start configuration.
Select your preferred method to setup between Authenticator, SMS and Email.
Follow the instructions and verify the MFA setup.
Save your recovery codes:
At next login, you will be prompted to provide an MFA code as follows:
Disable MFA
Login to https://vss-portal.eis.utoronto.ca
Go to the top-right corner where your Gravatar image is shown.
Click on Settings
Click on the Security Tab:
Toggle Two-factor authentication to disable MFA. Once toggled to the disable state, type your password to confirm and click Verify.
An email will be sent with a confirmation token that then has to be pasted in the form.
Click on Verify and if the token is valid, your MFA setup will be removed.
The token to disable MFA is valid for 15 minutes.
Related articles
University of Toronto - Since 1827