Home » IT Services News » IT Services News No. 183 (Oct 2016) » 2FA (2-Factor Authentication) Protection for HKU Portal

2FA (2-Factor Authentication) Protection for HKU Portal

To assist University staff in complying with DPP4 (Data Protection Principle 4) – the Data Security Principle of the Personal Data (Privacy) Ordinance (“Ordinance”), a new security measure, 2FA (2-factor authentication) protection for HKU Portal will be introduced for users’ access to HKU Portal outside campus network.

DDP4 requires that “a data user needs to take practical steps to safeguard personal data from unauthorised or accidental access, processing, erasure, loss or use”.

About this change

This security measure will be applicable to HKU Portal for staff only.  After the measure is introduced, there will be two modes of protection to HKU Portal when it is to be carried out outside campus network by staff users, as described below:

  1. With 2FA Protection
    This mode of access will be triggered when the login step using HKU Portal UID/PIN is followed by choosing to continue with 2FA protection.  At this point, users will be prompted to enter a one-time token code to complete the 2FA login procedure.  Upon completion, they can gain access to the HKU Portal services in the same fashion as they normally do within campus network.   
     
  2. Without 2FA Protection
    This mode of access will be triggered when the login step using HKU Portal UID/PIN is followed by choosing to continue without 2FA protection. At this point, the users will immediately be able to work in the protected mode of HKU Portal, under which the Manager Self-Service (MSS) and Student Information System (SIS) functions that would involve access to others’ personal data will not be accessible.  Please click here for more information.

For access to HKU Portal within campus network, there will be no change.

Effective date

Colleagues who have already registered for 2FA to use HKU Virtual Private Network (HKUVPN) are ready to use this new security measure starting from 21 November 2016

Colleagues who have not yet registered for 2FA and have the needs of gaining access to MSS and/or SIS functions of HKU Portal outside campus network, please proceed to register for enabling the use of 2FA. This security measure will be effective for all staff members of the University as a mandatory personal data protection requirement starting from 3 January 2017. 

Registration

Please go to HKU Portal, type "2FA" in the search field and click the link "Register to Use 2FA".  Staff (except visiting, honorary and hourly-paid staff) can choose to use either alternate email address or 2FA Mobile App (FortiToken) to receive the one-time token code.

Briefing Sessions

To facilitate colleagues to understand the use of 2FA in accessing HKU Portal outside campus network, ITS will conduct 6 briefing sessions (identical in contents) on the subject.  These briefing sessions will be useful to colleagues who are new to 2FA.  Details of the briefing sessions are as follows-

 

Date

Medium of instruction

Time

Venue

Registration

Session 1

16 November 2016 (Wednesday)

Cantonese

9:30am – 11:30am

KKL-201

Click to register

Session 2

23 November 2016 (Wednesday)

English

Click to register

Session 3

30 November 2016 (Wednesday)

Cantonese

Click to register

Session 4

5 December 2016 (Monday)

English

Click to register

Session 5

14 December 2016 (Wednesday)

Cantonese

Click to register

Session 6

19 December 2016 (Monday)

Cantonese

Click to register

Registration for attending any of the above sessions can be made via HKU Event Management System under HKU Portal (login HKU Portal > click “Events” tab > “click View all events” > type “2FA Protection" in the field Keyword(s)).

Enquiries

If you have any questions regarding the above, please contact our Service Desk at ithelp@hku.hk or 3917 0123.

 

P T Ho
Director of IT Services
Tel: 3549 5223
Email: hcxchpt@hku.hk