May 15, 2019 update: You can once again use the Call Me option to receive Duo phone calls to Chinese (+86) numbers for two-factor authentication. Automated phone calls for Duo two-factor authentication are no longer being blocked to Chinese (+86) numbers. Duo worked with one of its telephony providers and the Chinese government to resolve the issue. China… Read More »
Michigan IT staff on the Ann Arbor, Dearborn, and Flint campuses and in Michigan Medicine were responsible for the successful Duo expansion. This journey as a community made U-M 106,000 people safer. Read how.
Getting questions about U-M’s move to two-factor for Weblogin for faculty and staff? New and updated materials are available that you can refer people to. The online and print materials are intended to help you prepare for January 23, 2019, when two-factor for Weblogin will be turned on for all faculty, staff, student employees, and sponsored affiliates of… Read More »
If you ever forget your UMICH (Level-1) password, you can efficiently recover your account access as long as you have already completed some simple, advance setup. ITS has long offered a self-service account recovery option, but many users were unaware of the advance setup requirement until it was too late. To address this gap, ITS is adding a… Read More »
Now you can get the security benefits of two-factor for Weblogin with fewer login prompts. The Duo Remember Me time was extended from 12 hours to seven days on August 25. Remember to select the checkbox if you want Duo to remember you. You’ll see the Remember Me checkbox when you log in to a U-M site or… Read More »
Phishing emails often include links to fake Weblogin pages that look exactly like the real one. If you log in to the fake page, your password is stolen, and your U-M account could be compromised. The only clue it’s a fraudulent login page is the URL. Before entering your UMICH (Level 1) password, check that the page’s web… Read More »
The Enterprise Identity and Access Management (EIAM) program began 18 months ago to improve how people obtain and use accounts to access U-M services. The program came to an official close this summer. The program’s ambitious scope included the entire U-M community—Ann Arbor, Dearborn, Flint, and Michigan Medicine. The team sought to reduce today’s pain points and to plan for improvements into the future.
You can add protection for additional U-M systems, and for your personal information in Wolverine Access Employee Self-Service, by turning on two-factor for Weblogin. Two-factor provides additional security in case your UMICH (Level-1) password is stolen. The U-M Information Assurance team strongly recommends that you turn on two-factor to better protect your UMICH account and U-M systems and… Read More »
Resetting a forgotten UMICH (Level-1) password can be easy—but only if you’ve set up account recovery information ahead of time. When you save your account recovery information—a non-university email account and/or your mobile phone—we then know where to send your password-reset code in case you ever forget your password. To make this process easier, ITS will begin gradually… Read More »
You put U-M systems and data at risk if you use your UMICH (Level-1) password for non-university services. If you use your UMICH email address and password to establish a personal account (for example, at LinkedIn), and that information is exposed in a data breach, your UMICH account is now at risk. If you have used your UMICH… Read More »
Beginning Monday, May 7, Google is rolling out a new security feature that requires users to verify their identity when using the Chrome browser to log in to Google at U-M. The information below explains what to expect with the new Google Chrome verification process. When you log in to your Google at U-M account using the Chrome… Read More »
If you forget your UMICH (Level-1) password and want to reset it yourself, you can do so only if you previously saved account recovery information at UMICH Account Management. That’s because the university needs to know where to send you a password-reset code. Most new students and employees now provide account recovery information as part of self-serve uniqname setup, but many of… Read More »
Later this spring, a new option for account recovery will be added to UMICH Account Management. Currently, if you forget your UMICH (Level-1) password, you can receive a password reset code by email (as long as you have provided a non-UMICH email address for that purpose). Information and Technology Services (ITS) is working to give you the option… Read More »
Setting up single sign-on for a new service? The university’s preferred solution, Shibboleth, has a new option that makes it work with additional services. Shibboleth at U-M can now be set up to use either of these two industry standard protocols: Security Assertion Markup Language (SAML). For most services, SAML will be your best choice. Most services that… Read More »
On December 4, Information and Technology Services enabled U-M Weblogin for Office 365, 2017. This change will impact faculty, students, and staff with a Microsoft Office 365 Education Suite account on all U-M campuses. Login information will change from a self-directed password to U-M Weblogin credentials. No other action is required by Office 365 account holders. This change is part of… Read More »
Many people at U-M receive phishing emails with links to fake Weblogin pages that look exactly like the real one. When people log in to the fake page, their password is stolen, and their U-M account is compromised. The only clue it’s a fraudulent login page is the URL. Before entering your UMICH (Level 1) password, check that… Read More »
Strong passwords are essential, but they are not enough anymore. Your password needs a partner—two-factor authentication.