24 June 2020

Postponed: Office 365 to have additional layer of security with two-factor authentication (2FA) from 13 July

Summary

  • From 13 July, Office 365 (Outlook, Teams, etc.) will have an additional layer of security through 2FA.
  • You will soon regularly have to log in using 2FA when you use an Office application, so you should set it up now at mysolisid.uu.nl.

Why are we doing this?

As it is important to Utrecht University (UU) that your information is well protected, we are constantly working to improve data security.

At UU, the availability, reliability and security of information, knowledge and data is crucial. Strangely enough, this data is by no means always well protected, despite the significant risks. Take identity fraud, for example, where someone poses as you and spreads malware (unwanted software that disrupts computer systems or collects sensitive information) within the organisation. Or consider hacking, which disrupts the organisation’s operations or research, which is also a risk. That’s why it’s important to protect data effectively.

Only a password is insufficient

Sometimes systems or specific applications contain data which should not be accessible to third parties, such as personal data, research data or test results. Using a only a password offers insufficient protection in this case, as hackers are increasingly using new and smarter methods to guess passwords. For example, they try an obvious password out on as many accounts as possible rather than attacking a single account with different passwords. And the number of attacks on university systems is growing all the time.

Additional security through 2FA

That’s why the UU is protecting data with 2FA: an additional layer of security. Two-factor authentication (2FA) is more secure than just using a password because access to an account cannot be obtained simply by finding out a password. This is because you need two items to gain access to your information and data. You log in with something that you know (Solis ID and password) ​and something that you have (e.g. a 2FA code on a smartphone). Banks have been using 2FA for some time (e.g. a TAN or an identifier). Other examples include the use of trading platforms (for shares or cryptocurrency, for example).

In this video, we explain what 2FA is (turn on subtitles).

2FA for Office 365 (and other applications) is on its way

On 13 July 2020, Office 365 (which includes Outlook, Word, Excel, PowerPoint, Teams, etc.) will also be given an additional layer of security using 2FA. A number of different UU applications and services, such as your personnel file or OSIRIS for students, are already protected by means of 2FA. Office 365 will be followed by a number of other applications, including Blackboard.

What will change for me as an Office 365 user?

Once 2FA has been introduced, you must log in with your Solis ID and password and 2FA when you start an Office 365 application. How often you have to enter a code depends on the situation.

  • Infrequently: If you have installed Office 365 on your device (this is the case if you start it from your start menu, for example), the code is valid on that device for six months.
  • Regularly: If you use Office 365 via a browser (e.g. Firefox, Safari, Chrome), the code will be valid throughout the session. If you close your browser or you are inactive for 30 minutes, the session will expire and you will have to enter a new code.

How to set it up

 

 

There are various 2FA methods available, so you can choose what works best for you. You only have to set your two-factor authentication up once.

Do you any questions or would you like to learn more?

Please contact the IT Service Desk.