Password stealing is a method frequently used by hackers to break into systems. For example, every phishing email aims to do just that. The Executive Board has therefore decided to introduce multi-factor authentication (MFA) across the board at ETH Zurich in the second half of 2022. In the future, central web applications such as Microsoft 365, Zoom, Google and Adobe Creative Cloud as well as three on-premises applications (Web-Center, go2phone and CRM Servix) will be protected with a second factor. The second factor bases on the one-time password procedure (TOTP), which can be generated in one of the various authenticator apps. Through the additional proof of identity, both the accounts of ETH members and their data are better protected.
How do I prepare?
Please prepare yourself by completing the MFA registration with your ETH user name. The first step is to install an authenticator app on your smartphone. We recommend the Google Authenticator or Microsoft Authenticator app. The use of other apps is also possible. The QR code must then be generated in the web center application and scanned with the app. Attention: the QR code can only be generated once.
When will I need to enter the OTP code?
The multifactor authentication for the staff of the departement GESS takes place in the evening of the 14th November 2022. From this date on a specific screen to enter the OTP code will be prompted at regular intervals when launching the web applications mentioned above.
Where can I find detailed instructions?
The exact procedure is described on the following Confluence page:
What happens if I change or lose my smartphone?
If you have changed or lost your device, you can reset the MFA registration yourself and then set it up again on the new device.
I am already registered for eDoz. How do I proceed?
If you have already made an MFA registration for eDoz, you do not have to do anything. You will be asked to enter the OTP code from the date on which MFA is activated for you on the applications mentioned above. To do this, use the MFA registration that has already been created.