July 30, 2020

Sign-on processes are changing to be easier and more secure

The Office of Information Technology has been working to move the university to a more modern “authentication method”— making the sign-in experience easier for users, while enhancing system security.

This three-phase effort includes:

  • Moving to single sign-on (SSO). Users enter their username and password once to access most university systems and software.
  • Changing sign-in credentials so users utilize their email address and password vs. their Network ID and password.
  • Encouraging adoption of multi-factor authentication, or MFA, by faculty, staff, and students between August and December 2020. (With MFA in place, sign-on becomes a two-step process in which users enter their username and password in conjunction with a second step such as accepting a push notification sent to you via a mobile device or entering an MFA code generated by an MFA token.)

As OIT makes the transition, users may notice that accounts that once required their Network ID will now ask for their SIU email address. Smaller systems have already been converted to the new sign-in method. Larger systems like D2L, Outlook 365, and SalukiNet are scheduled to be transitioned to the new system between Aug. 6-10.

The transition schedule is available for review to see when specific systems and software will be affected.

Starting the week of Aug. 10, faculty, staff, and students will be strongly encouraged to enroll in multi-factor authentication, or MFA. MFA may seem unfamiliar, but it is already used to protect financial, medical, and other important accounts. For example, more and more banks require credentials like a username and password to initiate the sign in process, and then send a code via cell phone or email that must be entered to gain access to the account. OIT is putting in the same protections at SIU.

At SIU, MFA will require users to enter their username and password, and then accept a push notification received on a mobile device such as a cell phone. This, the recommended MFA option, is free and easy to manage.

There is a second option available — users can purchase an MFA “token” to complete the second step of the sign in process. An MFA token is a small device that is linked to a user’s account. When the user signs in, and activates the token, it generates a unique code that is entered to complete the sign in process.

From Aug. 10 through Dec. 31, users can opt in to MFA by going to https://netid.siu.edu and clicking on the DUO Security tab. This tab allows users to go through a simplified process to activate the DUO app; users should have their cell phones (or other mobile device) handy and follow the prompts. Complete instructions are available here. Users currently using VPN have already loaded DUO and are ready to use multi-factor.

Users will have lots of time to download DUO and start using MFA during this opt-in period. However, OIT strongly encourages users to add this extra security layer to their accounts now. Starting in January 2021, users will not be able to access SIU systems and software without using MFA.

Again, OIT recommends users add MFA with a cell phone or mobile device and receive push notifications as the verification method. If individuals and/or departments choose instead to use MFA tokens, they can purchase these through SalukiTech, located on the first floor of Morris Library, starting Aug. 10. Tokens run $25 and are SIU-specific — personal tokens will not work.

Visit the SIU Credentials webpage to learn more about single sign-on, new sign on credentials, and multi-factor authentication. If you need help, or have questions, contact SalukiTech at 618/453-5155 or salukitech@siu.edu.