Skip to end of metadata
Go to start of metadata

This section outlines the steps for implementing multi-factor authentication for web services.

Preface

Several web services offered by the CIS are accessible from locations outside the university. Refer to the following instructions for details. Unauthorized access attempts from outside, however, the university are possible. To mitigate the risk of unauthorized access due to leaked account information, such as through phishing emails, follow the recommended security measures outlined in this guide.

To prevent unauthorized access resulting from password leakage, System11 has implemented AXIOLE, an authentication server featuring a multi-factor authentication function.
When users activate the multi-factor authentication setting, the system will perform multi-factor authentication using a one-time password (OTP) when logging in to a web service that supports this security feature from off-campus.

While System11 has implemented the multi-factor authentication function for university-wide email (MailSuite), it's important to note that the procedure outlined in this page does not apply, as it is specific to mail server products.
For instructions on setting up the multi-factor authentication feature for university-wide emails, please refer to the guide on 'Implementing Multi-Factor Authentication for Emails.

Web services where users can enable multi-factor authentication

 As of June 26, 2023, multi-factor authentication is now available for the following web services from off-campus:

  • File sharing and storage system(NextCloud)

Step-Guide

To set up multi-factor authentication for accessing from off-campus, follow the steps below from the campus network:

Activating 'Multifactor Authentication'

  1. Visit Users Portal(https://cis.kit.ac.jp/en/portal/)and click 'User Information Management(*Internal Only)'.
  2. Activate 'Multifactor Authentication' on the 'Request a Role' in 'User Information Management' page:

Setting up your token app

  1. Visit Users Portal(https://cis.kit.ac.jp/en/portal/) and click 'Set up Multi-Factor Authentication' and login with your CIS account:

  2. Click '2 Factor Authentication Setup' button.

  3. When the '2 Factor Authentication Setup' screen appears, choose 'Use a Token Application.' Then, scan the QR code displayed on the screen with the token app on your smartphone to register your one-time password information.
    You can use one-time password management applications (such as Google Authenticator, Microsoft Authenticator, etc.) that support the TOTP method as the token app. Additionally, standard password management apps on iPhone/iPad can also be used.


    After setting up your token app, click 'Next'.
  4. You will be prompted to enter an 'authentication code' to confirm that the token app has been successfully configured. Input the authentication code (one-time password) displayed on the token app and then click the 'Confirm' button.
  5. If the entered authentication code is correct, the following screen will appear, and the status of the two-step verification setting will be 'On'.


You can now benefit from multi-factor authentication.

How to log in to a web service with multi-factor authentication support

  1. Log in to the multi-factor authentication web service from off-campus using your CIS account.
  2. After the regular authentication process, the 'Enter Verification Code' screen will appear:
  3. Enter the authentication code (one-time password) displayed in the token app, then click the 'Login' button:

You can now benefit from successful login using multi-factor authentication.

Because the authentication code is updated at regular intervals, there may be instances where the login code changes to a new authentication code just before clicking the login button, resulting in a login failure. If you receive the error message 'The verification code does not match,' please re-enter the latest verification code.