Home » IT Services News » IT Services News No. 178 (Dec 2015) » Implementation of Two-Factor Authentication for Central IT Services

Implementation of Two-Factor Authentication for Central IT Services

As reported in the article published in ITS News (No. 177), ITS is now in the process of implementing Two-Factor Authentication (“2FA”) for the University’s Virtual Private Network (“HKUVPN”).  From 4 January 2016 onwards, on top of the login step using HKU Portal UID/PIN, a one-time password (token code) will be required for authenticating the access to the HKUVPN service.  For smooth service transition, the old HKUVPN login mechanism of using only HKU Portal UID/PIN will run in parallel with the new HKUVPN service with 2FA until 31 March 2016. 

Existing HKUVPN users will soon receive an email notification about the introduction of the new 2-factor authentication mechanism and the procedures on the necessary user registration and software installation/configuration.  In summary, users are required to go through the following steps for enabling the use of HKUVPN with 2FA:

User Registration

Staff and students are required to register their alternate email address with ITS for using the 2FA service.  Student users will receive the one-time password (token code) through their alternate email address when logging in HKUVPN.  Full-time and part-time staff users whose HKU Portal account would have access to information related to personal data of students and/or other staff members can elect the use of a Mobile App running on a mobile device to receive the token code. (Visiting, honorary and hourly-paid staff will only use the alternate email address that they have registered with ITS to receive the token code). 

Software Installation

Download the new HKUVPN client through HKU Portal and follow the steps given in the webpage to do a one-time configuration

Mobile App installation (only applicable to those staff users who choose to receive the token code through Mobile App) through App Store (for Apple iOS devices) or Play Store (for Android devices)

Briefing sessions

Two briefing sessions (identical in contents) will be held to assist users understand more about the 2FA mechanism, registration and configuration procedures on using HKUVPN with 2FA.  Details are as follows:

Session 1

Date: 14 January 2016
Time: 4-5pm
Venue: T6, Meng Wah Complex
Language: Cantonese
Registration URL : https://hkuems1.hku.hk/hkuems/ec_hdetail.aspx?&UEID=40667

Session 2

Date: 27 January 2016
Time: 4-5pm
Venue: LE6, Library Extension Building
Language: English
Registration URL: https://hkuems1.hku.hk/hkuems/ec_hdetail.aspx?&UEID=40670

All staff and students are welcome to join either one of the above sessions. They are also invited to let us have their feedback on using the 2FA instituted as this secure authentication means will be extended to other central IT services at a later stage, say, for accessing HKU Portal outside campus network.

In case you have any questions or feedback on the above, please feel free to contact our Service Desk at ithelp@hku.hk or 3917 0123.


John Lam
Information Security Team
Tel: 3917 5952
Email: joncclam@hku.hk