How-to Manage Multi-Factor Authentication (MFA) via the ITS Private Cloud Portal

Introduction

The ITS Private Cloud recently introduced in v2021.11.0 Multi Factor Authentication with Time-based One-Time Password (TOTP) in order to provide an additional layer of security when generating an Access Token to manage your virtual infrastructure.

Starting June 18, 2024, Multi-Factor Authentication (MFA) will be mandatory for accessing the ITS Private Cloud Portal, API, and command-line interface (CLI).

Time-based OTP generation and delivery methods supported by the ITS Private Cloud include:

  • Authenticator: DUO, Microsoft Authenticator, Google Authenticator, Auhty, etc.

  • Email: OTP code is sent upon request via email to the main account.

  • SMS: OTP code is sent upon request via SMS to a given phone number during setup.

 Enable MFA

  1. Login to https://vss-portal.eis.utoronto.ca

  2. Go to the top-right corner where your Gravatar image is shown.

  3. Click on Settings

  4. Click on the Security Tab:

  5. Toggle Two-factor authentication to start configuration.

  6. Select your preferred method to setup between Authenticator, SMS and Email.

  7. Follow the instructions and verify the MFA setup.

  8. Save your recovery codes:

  9. At next login, you will be prompted to provide an MFA code as follows:

     

 Disable MFA

  1. Login to https://vss-portal.eis.utoronto.ca

  2. Go to the top-right corner where your Gravatar image is shown.

  3. Click on Settings

  4. Click on the Security Tab:

  5. Toggle Two-factor authentication to disable MFA. Once toggled to the disable state, type your password to confirm and click Verify.

  6. An email will be sent with a confirmation token that then has to be pasted in the form.

  7. Click on Verify and if the token is valid, your MFA setup will be removed.

The token to disable MFA is valid for 15 minutes.

 

 

 Related articles

University of Toronto - Since 1827