Two-factor authentication (2FA)
Binghamton University will soon require that accounts use two factors of authentication (2FA) for certain services including myCourses, myBinghamton, BU Brain and others. The entire campus will be required to use 2FA in the near future, so we are asking you to sign up as soon as possible. (Note that this in addition to what you may already have configured for Pulse Secure VPN)
Looking for instructions for how to set up 2FA for Pulse Secure VPN?
For 2FA instructions regarding all other services (myCourses, myBinghamton, BU Brain, etc.) continue with the document below.
Two Factor Authentication is an extra layer of security that requires that an individual has the following two things before they are able to authenticate into a system. These include:
- Something you know (examples: password or PIN)
- Something you have (examples: phone, computer, keyfob, card)
Consider the situation where you want to withdraw money from an ATM. In order to do so, you need both a PIN (something you know), as well as your ATM Card (something you have). Effectively, the concept here is the same.
The good news is that, if you know your Binghamton University username and password, you already have the “something you know,” which means you’re already halfway there. The part that remains is the “something you have.”
To fully enroll in 2FA, you will first need to identify the device or devices you want to use for verification (something you have). This could be a personal cell phone, tablet, laptop or desktop computer. Once you have identified the device, you will need to download and install an application, and then configure a secret “token” on that device.
Once you have identified the device, follow the relevant instructions below:
I want to use a phone or tablet:
I want to use Chrome, Firefox or Internet Explorer on my laptop or desktop computer:
I want to synchronize my 2FA configuration across multiple devices including phones and computers:
Best practices for information security include more than one level of proof that a user is who they say they are before being allowed to log into a system, referred to as two-factor authentication, sometimes also referred to as multi-factor authentication. With the approval of SOG+ (the expanded University’s Senior Officers Group), Binghamton University recently moved to this two-factor authentication (2FA) for those using the Pulse Secure VPN to access the University's network from remote locations, and the University is now expanding use of 2FA to best protect all information stored on University servers.