Home » What's New » 2FA (2-Factor Authentication) Protection for HKU Portal

2FA (2-Factor Authentication) Protection for HKU Portal

To assist University staff in complying with DPP4 (Data Protection Principle 4) – the Data Security Principle of the Personal Data (Privacy) Ordinance (“Ordinance”), a new security measure, 2FA (2-factor authentication) protection for HKU Portal will be introduced for users’ access to HKU Portal outside campus network, effective from 21 November 2016.   

DDP4 requires that “a data user needs to take practical steps to safeguard personal data from unauthorised or accidental access, processing, erasure, loss or use”.

2FA Protection for HKU Portal

This is a security measure that will be applied to HKU Portal for staff.  After the measure is introduced, there will be two modes of protection to HKU Portal when it has to be accessed outside campus network by staff users, as described below:

1. With 2FA Protection 

This mode of access (outside campus networkwill be triggered when the login step using HKU Portal UID/PIN is followed by choosing to continue with 2FA protection.  At this point, users will be prompted to enter a one-time token code to complete the 2FA login procedure.  Upon completion, they can gain access to the HKU Portal services in the same fashion as they normally do within campus network.   

2. Without 2FA Protection 

This mode of access (outside campus network) will be triggered when the login step using HKU Portal UID/PIN is followed by choosing to continue without 2FA protection. At this point, the users will immediately be able to work in the protected mode of HKU Portal, under which the Manager Self Service (MSS) and Student Information System (SIS) functions that would involve access to others’ personal data will not be accessible.  Please click here for more information.

For access to HKU Portal within campus network, there will be no change.

Effective Dates

Colleagues who have already registered for 2FA to use HKU Virtual Private Network (HKUVPN) are ready to use this new security measure starting from 21 November 2016

Colleagues who have not yet registered for 2FA and have the needs of gaining access to MSS and/or SIS functions of HKU Portal outside campus network, please proceed to register for enabling the use of 2FA. Starting from 3 January 2017, the measure will be effective for all University staff as a mandatory personal data protection requirement.
 

2FA Registration

Please register to use 2FA through the online form http://www.its.hku.hk/2fa/staff-register. Staff (except visiting, honorary and hourly-paid staff) can choose to use either alternate email address or 2FA Mobile App (FortiToken) to receive the one-time token code.
 

Briefing Sessions

To facilitate colleagues to understand the use of 2FA in accessing HKU Portal outside campus network, ITS will conduct 6 briefing sessions (identical in contents) on the subject.  These briefing sessions will be useful to colleagues who are new to 2FA.  Details of the briefing sessions are as follows-

 

Date

Medium of instruction

Time

Venue

Registration

Session 1

16 November 2016 (Wednesday)

Cantonese

9:30am – 11:30am

KKL-201

Click to register

Session 2

23 November 2016 (Wednesday)

English

Click to register

Session 3

30 November 2016 (Wednesday)

Cantonese

Click to register

Session 4

5 December 2016 (Monday)

English

Click to register

Session 5

14 December 2016 (Wednesday)

Cantonese

Click to register

Session 6

19 December 2016 (Monday)

Cantonese

Click to register

To attend any of the above sessions, please register via the HKU Event Management System under HKU Portal (login HKU Portal > click “Events” tab > click “View all events” > type “2FA Protection" in the field Keyword(s)).

In case of questions, please feel free to contact our Service Desk at ithelp@hku.hk or 3917 0123.

P T Ho 
Director of IT Services 
Information Technology Services