Tag Archives: authentication
Weblogin for Atlassian products provides an easier, safer sign-in process
Cosign Authentication Retirement: Next steps to discontinue use by June 30, 2023
Units: plan to discontinue Cosign use by June 2023
Information and Technology Services along with many units are working to discontinue use and retire the two-decade old Cosign Authentication service. As part of the U-M Annual Internal Control Certification process for this fiscal year, units are required to attest to discontinuing or planning to discontinue use of Cosign in unit-owned applications by June 2023.
Transition from Cosign to Shibboleth Authentication
The ITS Identity & Access Management team (IAM) has finalized plans to reach key milestones that will remove dependencies on the Cosign authentication service by summer 2022. Cosign has been the university’s secure, single sign-on, web authentication system for more than 20 years. Originally designed at U-M, the open source software was once widely used across higher education.… Read More »
Duo expansion: New app and resources support two-factor for Weblogin
Getting questions about U-M’s move to two-factor for Weblogin for faculty and staff? New and updated materials are available that you can refer people to. The online and print materials are intended to help you prepare for January 23, 2019, when two-factor for Weblogin will be turned on for all faculty, staff, student employees, and sponsored affiliates of… Read More »
Use Duo when traveling
Don’t let travel plans interrupt the protections provided by Duo. Duo offers multiple options to help you complete two-factor authentication when traveling. You may be able to use your regular Duo two-factor option, or you may need to use an alternative, depending on your travel plans. The recommended travel option is the Duo Mobile app on a smartphone… Read More »
Duo can remember you for seven days
Now you can get the security benefits of two-factor for Weblogin with fewer login prompts. The Duo Remember Me time was extended from 12 hours to seven days on August 25. Remember to select the checkbox if you want Duo to remember you. You’ll see the Remember Me checkbox when you log in to a U-M site or… Read More »
Wearables to boost security of voice-based log-in
A security-token necklace, ear buds, or eyeglasses developed at U-M could eliminate vulnerabilities in voice authentication—the practice of logging in to a device or service with your voice alone. “Increasingly, voice is being used as a security feature but it actually has huge holes in it,” said Kang Shin, professor of electrical engineering and computer science at U-M.… Read More »
Remember Duo Remember Me?
When students, staff, and faculty come to you with concerns about the latest virus, hack, or phishing attempt, pass on the good news that turning on two-factor to protect their U-M Weblogin and personal data is even easier. In April, the university added the Remember Me option to two-factor for services accessed via the Weblogin page. It allows you… Read More »
ITS explores privileged access management
The ITS Identity and Access Management team is exploring Privileged Access Management (PAM) and third-party solutions to mitigate U-M’s cybersecurity risk exposure.
Explore a new way to manage elevated access
No more MTokens! Last RSA server retired
As of December 5, the last server supporting U-M’s former two-factor authentication vendor, RSA, was retired at the university after more than a decade of use. The retirement of RSA and MTokens marks the last step in the vendor replacement process. Since July 2016, cloud-based Duo Security has provided the university’s two-factor authentication service, offering a variety of… Read More »