Introduction of multi-factor authentication at the Chemnitz University of Technology

The Chemnitz University of Technology offers a variety of services that are either protected via the Web-Trust-Center or can only be accessed from within the campus network (WLAN, cable network, VPN). In order to better protect access to these services and especially the data stored there and to protect the campus network in general, the URZ is planning to introduce multi-factor authentication (MFA). This was already announced in a Rector’s circular (see Rektorrundschreiben 40/2023). MFA is an extension of the login process that asks, in addition to the username and password, for an additional factor when logging in. This can e.g. be a numerical code that is generated via an app on your smartphone.

When will MFA be introduced?

MFA is still in pilot operation. This means users can test MFA now and activate it for their own account. The pilot operation will continue until June 3, 2024. From this date, MFA will be made mandatory. Anyone who does not set up MFA until this date will no longer be able to log in to the Web-Trust-Center from outside the campus network and will not be able to establish a VPN connection. The setup is then only possible on site (e.g. from the WLAN or in a computer pool at the URZ). By introducing MFA, we implement one item from our security agenda  (“Agenda des URZ mit Maßnahmen zur Erhöhung der IT-Sicherheit”).

How can I set up MFA for my account?

All the information you need to set up MFA for your account can be found on the information pages of the URZ. As soon as you have created at least one second factor (“token”), MFA is automatically activated for your account. There are currently three different types available as a second factor:

  • Software Token TOTP (authenticator app on your smartphone)
  • Hardware Token YubiKey (USB stick with special security features)
  • TAN List (list that can be printed on a sheet of paper)

You can manage your tokens directly in the IdM portal.

When and where do I need the second factor?

You will need your second factor when you are outside the campus network and want to login into the Web-Trust-Center or when you want to establish a VPN connection. Then you need to enter your second factor, additionally to your username and password. If you have enabled more than one token for your account, you can choose any of them. If you are inside the campus network (WLAN, cable network, VPN), then you do not need the second factor.

Where can I ask my questions about MFA?

You can ask any questions about MFA or all other URZ services via our ticket system by sending an email to support@hrz.tu-chemnitz.de. In the context of MFA, we are also offering a user forum (German: “Nutzerforum“) in room C10.012 on May 15, 2024 from 1:45 p.m. to 3:15 p.m. We will briefly introduce the service and answer any questions you may have. In order to get a better overview of the expected number of participants, we would like to ask you to register for this OPAL course.

Leave a Reply