Two Factor Authentication
Two-factor Authentication (2FA) enhances security for your account login authentication process. Traditionally, a password is used as the only factor of authentication to verify a person's identity. In case the password is leaked or compromised, attackers may be able to use the account for malicious activities. 2FA is introduced to provide an additional layer of security to your identity. In addition to your password (the first factor), it verifies your identity using a second factor (e.g. your mobile phone), preventing anyone but you from logging in, even if they know your password. Currently, Cisco DUO is adopted as a 2FA solution at CityU. To login to a 2FA-enabled CityU account, after entering your username and password, a push notification will be triggered to the registered mobile device through the DUO mobile app, prompting a request for approval to access the account.
Instead of mobile phone, other options on 2nd factor devices such as SMS, time-based token and Yubikey are available as well.