As mentioned in a Computer Security Bulletin article, you will gradually start seeing a new web page when you log in to CERN websites. Perhaps you’ve noticed it already? If not, you certainly will over the coming months! The new login page has a more modern look and feel, and is able to support a wider range of services than the previous system. You can see the new login page by accessing newdle.cern.ch, https://cern.zoom.us or one of the other many services that have already made the switch. It is the most visible part of many changes that are being made to the identity management system as part of the MALT project. CERN’s identity management system is responsible for managing your computing accounts and granting you access to the thousands of online services available to CERN users.
Although most of CERN’s services allow you to log in with your username and password, others require an even higher level of security. Two-factor authentication means that you provide an additional proof that shows you are truly the account owner, and haven’t been hacked! You can read more about two-factor authentication in a Computer Security Bulletin article. Any CERN account holder can enable two-factor authentication for themselves in the new login page by using a One-time-password application (which will display a code on your phone that is valid for one login session only), or by using a hardware token such as a Yubikey (a guide is available here): you will still have the choice to authenticate the way you prefer for websites and services for which two-factor authentication is not mandatory but will be ready to connect to the ones requiring this level of security.
We are looking for your feedback on two-factor authentication, to make it as user-friendly as possible – please take a minute to fill in our survey before the end of July!