Compulsory 2FA for ALL System / Service Logins with OnePass Password
As mentioned in issue 191, we are enforcing the use of 2-factor authentication (DUO 2FA) to protect EVERY login of CUHKers. Such enforcement is governed by the University Information Security Policy, “Enabling 2FA on all Application Authentication” (via CUHK login) to cover online services which authenticate users via Central Authentication and Directory Service i.e. whenever one logs in any CUHK system / service with OnePass password, 2FA is required no later than
Login with Single Sign-on Feature
Many online systems / services have scheduled DUO 2FA enabling at their logins this Aug. They have adopted single sign-on technology via CUHK Login (such as Email, VPN, University admin system, eLearning system, etc). This allows you to securely authenticate yourselves and travel across multiple systems without the need to enter login credentials and 2FA repeatedly (Single sign-on feature does not work for you? Please refer to our knowledge article for details).
Limitation of Single Sign-on
However, there are a few systems, including CUHK Web Server Restricted Pages and CUHK Webform, that currently use different technology for authentication. In these cases, you will be required to enter password and perform 2FA again. Please be aware that you will not be prompted with a DUO message during the login process for these systems.
Ways to Pass DUO 2FA
To ensure a smooth authentication experience, please have your DUO-enabled device ready for push or passcode entry when logging into the University and departmental IT systems. Please refer to our knowledge article that provides step-by-step instructions on how to pass DUO 2FA.
Reference: List of DUO 2FA integrated User Applications
Note: There will be system maintainenace on CUHK Login service on 22 Aug 2023 which will cause intermittent login interruption. Please check ITSC announcement for details.
back to issue