This section outlines the steps for implementing multi-factor authentication in Email.

In addition to authentication by user ID and password, authentication by one-time password can be obtained after setting up Multi-Factor Authentication (MFA). Having two or more authentication factors enhances your cyber security with email.
In the email system offered by CIS, multi-factor authentication, which incorporates OTP in addition to ID and password verification, is available when accessed from a non-global IP address.
An OTP is a single-use password with a limited validity period. The email system can generate OTPs in two ways, so please choose the method that best suits your situation.

However, if circumstances arise, such as changing or losing your smartphone model or forgetting the password for your private email address, please configure the system to ensure you have both options available.
Followed by the setup of the dedicated app, proceed to set up your private email address in this process.

Activating Multi-Factor Authentication

Multi-factor authentication can be activated through Webmail.

1. Visit Webmail and log in.
   https://webmail.cis.kit.ac.jp/
2. Click 'Preferences' and then select 'Customize my Preferences'.
   
3. Select the 'Multi-Factor Auth' tab and check the radio button for 'Use Multi-Factor Authentication' to 'Yes'.
   
4. Afterward, log out of Webmail.

Setting up OTP APP

1. Visit Webmail and log in.
   https://webmail.cis.kit.ac.jp/
2. Click 'OTP APP'.
   

3. Scan the QR code below and install the app. Alternatively, you can search for 'DEEPOTP' on Google Play or the Apple Store and install it.

   
   【android】
   
   【iOS】
   
   

   
   

4. [Mobile] Open the installed app and tap on 'Add'.
   

5. [Mobile] The app code is displayed.
   *The app code is unique to each user and device. The image below is an example; please enter the code displayed in your app.
   
6. [Webmail] Return to your webmail, enter the app code, and click 'Next'.
   
7. [Webmail] Verify the user code.
   
8. [Mobile] Return to your mobile device, enter your user code, and tap 'Register.'
   The user code varies depending on the user and device. The image below is an example; please enter the code displayed in your webmail.
   
9. [Webmail] Click 'Next'.
   
10. [Mobile] Tap (and hold) on 'VIEW CODE' in the app and check the 6-digit number that appears.
    [Webmail] Enter this 6-digit number in the OTP field and click 'Next'.
    
    
11. [Webmail] Click 'HOME' to finish logging in to Webmail.
    

Configuring External(Private) email for authentication

After registering the OTP app, proceed to register your private email address.
The OTP will be sent to your private email address from the following sender with the specified subject: [Sender Name], [Subject].
Ensure to check your settings to prevent it from being sorted into spam or junk mail.

Sender：Your KIT email address（～@kit.ac.jp、～@edu.kit.ac.jp）
Subject：OTP notification

1. Click 'Preferences' and then select 'Customize my Preferences'.
   
2. Select the 'Multi-Factor Auth' tab and click button 'Register' button for 'External email for authentication'.
   
3. When the screen prompts you to enter an external email address, input your private email address (an address other than @kit.ac.jp or @edu.kit.ac.jp) to receive the OTP, and then click OK.
   
4. You will receive the following email at your private email address. Verify the listed OTP, input it in the webmail OTP field, and click OK.
   　
5. The setup is complete if the private email address is shown in 'External email for authentication'.
   

Logging in Webmail after setting up Multi-Factor Authentication

1. Visit Webmail and log in.
   https://webmail.cis.kit.ac.jp/
   
2. Log in with your CIS username and password.
   
3. 多要素認証の画面が表示されますのでOTPアプリ認証、外部メール認証どちらかを選択します。The multi-factor authentication screen will appear, prompting you to choose between OTP app authentication or external email authentication.
   【OTPアプリ認証を選択した場合】
   OTPの入力を求められますのでインストールしたDEEPOTPのアプリを起動し、表示されるOTPを入力しLOG INをクリックします。
   Image Removed
   【外部メール認証を選択した場合】
   OTP発行をクリックします。
   Image Removed
   登録したプライベートメールアドレス宛に以下OTP発行のお知らせメールが送付されます。
   通知されたOTPを入力しLOG INをクリックします。
   Image Removed

メールソフトの利用について

メールソフトを利用している場合、メールソフトを起動する前にWebメールにログインし、多要素認証を済ませておく必要があります。
多要素認証の有効時間は14時間となりますので、使用時間が14時間を超過する場合には、14時間後に再度Webメールにログインして下さい。

Image Removed

多要素認証の有効期間

1. [Choosing OTP app]
   You will be prompted to enter the OTP. Begin by launching the installed DeepOTP app, inputting the displayed OTP, and then clicking on "Log In."
   Image Added
   
   [Choosing external email authentication]
   Click ”Issue OTP".
   Image Added
   A notification email containing the OTP will be sent to the designated private email address on record.
   Input the received OTP and click on "Log In."
   Image Added

Regarding the utilization of email software:

When using email software, log in to your webmail first and complete the multi-factor authentication process before accessing your email software.
Multi-factor authentication remains valid for 14 hours. If your usage extends beyond this duration, kindly log in to your webmail again after the 14-hour period.

Attempting to initiate your email software without enabling multi-factor authentication and entering your password will result in the display of the following error message.
Please be aware that you will not receive a notification indicating the non-completion of multi-factor authentication.
The message below will appear when the email activation state reaches the expiration date for multi-factor authentication.

Image Added

The duration of multi-factor authentication validity

You can review the expiration date of multi-factor authentication on the settings screen under 'Customize My Preferences'.

Related articles