Introduction of Secure Login to VŠE Users
- About the project
- How to set up the MFA in Office365
- How to set up the MFA in InSIS
- Known issues and their solutions
About the project
The aim is to introduce a more secure form of logging, which will significantly reduce the possibility of misuse of logging data (phishing, keyboard observation, accidental publishing, for example, when screening at lessons), by introducing the so-called multi-factor authentication (MFA) for logging in to InSIS and Office365. The second factor will be needed when logging in from a new device or after a certain period of time (30-90 days).
How to set up the MFA in Office365
On your computer, go to myaccount.microsoft.com, log in using your school account. On the left side of the screen, tap Security Information.
Click the + Add login method option above the table. Choose Authenticating apps and continue through the Next buttons until you see the QR code.
On your mobile, launch the Microsoft Authenticator app, select Add Account, select Work or School Account, and finally select Scan QR Code.
Scan the QR code and confirm with the Approve button. On your computer, click Next to continue.
When logging in to Office365, you are asked to confirm the login in Microsoft Authenticator (you have a data connection) or to write down the code from Microsoft Authenticator (you do not have a data connection).
More options for setting up MFA in Office 365
- Set up the MFA in Office 365 with a FIDO2 key
- I do not have a mobile phone or I do not have a smart phone
- Complete list of the MFA setup options with manuals
How to set up the MFA in InSIS
Install the Microsoft Authenticator application or a similar application for one-time passwords (TOTP) on your mobile In InSIS, in Settings for authentication using one-time passwords (OTP), start pairing with the mobile application Print the generated QR code (it will serve as a backup for recovery) From the application on mobile, scan the QR code from the screen or from the printout Complete pairing and activate one-time passwords Keep the printed QR code page safe
If you are already signed in to Office 365, you can quickly sign in to InSIS in the Office 365 sign-in dialog:
Install the Microsoft Authenticator application or a similar application for one-time passwords (TOTP) on your mobile
In InSIS, in Settings for authentication using one-time passwords (OTP), start pairing with the mobile application
Print the generated QR code (it will serve as a backup for recovery)
From the application on mobile, scan the QR code from the screen or from the printout
Complete pairing and activate one-time passwords
Keep the printed QR code page safe
Known issues and their solutions
I do not have an MFA set up and it is now required – what to do?
Office365 prompts you to set up the MFA as soon as you sign in again. Instructions and more information can be found here.
I am unable to use the FIDO2 key to authenticate on the station in the classroom or on the school virtual desktop
This verification combination is currently not working, so please use a different verification method. We are working on the issue.
How do I use the temporary access key generated by the Help Desk?
A simple guide is available here.
Setting up/logging in with FIDO2 key does not work in Firefox on the employee computer
Try using the Microsoft Edge browser (can be installed via the Network Installation icon), or ask the Help Desk to reinstall to a new image.
Other issues and their solutions
|Procedure and course of implementation of secure login (continuously updated)|
|14. 2. 2023||Approved by the VŠE management|
|24. 3. 2023||Mandatory MFA in InSIS and Office 365 for users who already have mandatory MFA in one of these systems.|
|21. 4. 2023||Mandatory MFA for all lecturers|
|26. 4. 2023||Mandatory MFA for FMV students|
|July 2023||Mandatory MFA for FIS students|
|August 2023||Mandatory MFA for all employees with an employment contract|
|September 2023||Mandatory MFA for FM, FFÚ, FPH and NF students|