| Version 4 (modified by , 3 days ago) ( diff ) |
|---|
Multi-factor authentication at MBS
In the coming weeks, MBS will roll out authentication with a so-called second factor (2FA). But what is this and why is it needed?
Authentication is the technical term for logging into an IT system. Currently, this is based on one factor. This is your password. However, a password alone is no longer considered secure—and the IT security incidents of recent weeks and months, also here at MBS, confirm this. For this reason, we will be requiring at least two factors for logging in (multi-factor authentication, MFA). In addition to your password, you will need one of the following options:
- After entering your password, you must confirm your login in an app (Option 1).
- In addition to the password, you will need a code displayed by an app (app on your cell phone, Option 2).
- The code can also be obtained from an app on your laptop (Option 3).
In addition, there is the option of using a special USB stick (“FIDO2” stick), which must always be plugged in to log in.
The options are listed in the order in which I recommend them.
Generation of codes for MFA is tied to the device! When you get a new smartphone, you need to register again!
On site at MBS (or when connected via VPN), no second-factor authentication is required.
Note for employees: Since you will need to use your personal smartphone for options 1 and 2, I can only offer these options. However, options 3 only requires equipment provided by the employer.
Introduction phase:
- January 18, 2026: Mandatory for employees
- January 25, 2026: Mandatory for all lecturers
- Starting April 2026: Mandatory for all new students (later also active students may follow)
Which option is best for me?
- If you don't mind installing Microsoft Authenticator on your smartphone, use Option 1.
- If you want to use a different authenticator on your smartphone, use Option 2.
- If you do not want to use your smartphone, use Option 3.
