With your Unibas account, you have access to the network and applications of the University of Basel 365 days a year and around the clock.
In doing so, you may use applications and process data with increased protection requirements, which is why the 'Two-Step Login' is introduced for all user accounts.
- Read which methods are available for authentication.
- Select your preferred method. The 'Best Practice' can help you with the selection.
- Activate your account and configure the methods you want.
Here you can go directly to the quick guides for activating 'Two-Step Login'.
- For smartphone users, the PUSH method is the most convenient way to use 'Two-Step Login'. By simply confirming the request, the users can perform the authentication.
- It is also recommended that smartphone users store their mobile number. This makes it easier to change their smartphone.
- Store your Unibasel phone number. This will enable you to perform 'Two-Step Login' even if your smartphone/mobile device is not operational.
- If you have access to other phone numbers (e.g. a second phone number at work or at home), you can also store these as additional numbers.
- If you have several smartphones or tablets in use, install the Authenticator app on these devices as well.
Short and sweet
- From 27 February 2023, if you use the Microsoft Authenticator App, you will also need to enter a 2-digit number before authorisation.
- If you use another Two-Step Login method (2FA) (e.g. 6-digit OTP code, hardware token in credit card format, SMS code, other Authenticator App), nothing will change for you.
- Likewise, Microsoft has discontinued support for the Apple Watch for security reasons as of January 2023. If you have been using it until now, you will need to deactivate the Authenticator App for Apple Watch.
Details and background information
Since the beginning of 2022, we have been using two-step login (2-factor login or multifactor authentication) at the University of Basel. We are pleased to report that there have been no successful phishing attacks on services protected with Two-Step-Login since its introduction.
One of the most convenient and popular two-step login methods is the so-called push notification with the Microsoft Authenticator app on the smartphone.
Cybercriminals have also upgraded and are trying to circumvent the Two-Step-Login. In this so-called "MFA Fatigue Attack" (also called "MFA Prompt Bombing"), the user is harassed by means of multiple repeated requests until finally such an annoying request is confirmed by mistake.
This YouTube video shows an example of this: https://youtu.be/wHhbWUXx95U
To counteract such attacks, the push notifications of our two-step login will be changed to the "number matching" procedure from 27 February 2023.
What does this mean for you as a user?
Make sure you have the latest version of the Microsoft Authenticator app installed on your smartphone. Only the latest versions will support the number-matching process.
You will need to enter a two-digit number, which will be displayed when you log in, into the Authenticator app before confirmation. This ensures that confirmation can only take place if you know this additional number.
FAQ's for "Two-Step Login
Please contact the ITS Service Desk (+41 61 207 14 11).
Authentication using the 'Authenticator App' only minimally increases data consumption.
In principle, no additional costs incurred for the 'Two-Step Login' will be covered by the University of Basel.
Receiving SMS at home and abroad is basically free of charge.
Yes, you can register multiple smartphones.
The functionality of 'Single Sign-on' (SSO) is used. This means that logging in to other applications (which are protected by 'Two-Step Login') with the same browser is not necessary if you have already logged in once with 'Two-Step Login' with the browser. However, a new authentication takes place after 24 hours at the latest.