Two-Step Login
With your Unibas account, you have access to the network and applications of the University of Basel 365 days a year and around the clock.
In doing so, you may use applications and process data with increased protection requirements, which is why the 'Two-Step Login' is introduced for all user accounts.
- Read which methods are available for authentication.
- Select your preferred method. The 'Best Practice' can help you with the selection.
- Activate your account and configure the methods you want.
Here you can go directly to the quick guides for activating 'Two-Step Login'.
- For smartphone users, the PUSH method is the most convenient way to use 'Two-Step Login'. By simply confirming the request, the users can perform the authentication.
- It is also recommended that smartphone users store their mobile number. This makes it easier to change their smartphone.
- Store your Unibasel phone number. This will enable you to perform 'Two-Step Login' even if your smartphone/mobile device is not operational.
- If you have access to other phone numbers (e.g. a second phone number at work or at home), you can also store these as additional numbers.
- If you have several smartphones or tablets in use, install the Authenticator app on these devices as well.
Short and sweet
- From 27 February 2023, if you use the Microsoft Authenticator App, you will also need to enter a 2-digit number before authorisation.
- If you use another Two-Step Login method (2FA) (e.g. 6-digit OTP code, hardware token in credit card format, SMS code, other Authenticator App), nothing will change for you.
- Likewise, Microsoft has discontinued support for the Apple Watch for security reasons as of January 2023. If you have been using it until now, you will need to deactivate the Authenticator App for Apple Watch.
Details and background information
Since the beginning of 2022, we have been using two-step login (2-factor login or multifactor authentication) at the University of Basel. We are pleased to report that there have been no successful phishing attacks on services protected with Two-Step-Login since its introduction.
One of the most convenient and popular two-step login methods is the so-called push notification with the Microsoft Authenticator app on the smartphone.
Cybercriminals have also upgraded and are trying to circumvent the Two-Step-Login. In this so-called "MFA Fatigue Attack" (also called "MFA Prompt Bombing"), the user is harassed by means of multiple repeated requests until finally such an annoying request is confirmed by mistake.
This YouTube video shows an example of this: https://youtu.be/wHhbWUXx95U
To counteract such attacks, the push notifications of our two-step login will be changed to the "number matching" procedure from 27 February 2023.
What does this mean for you as a user?
Make sure you have the latest version of the Microsoft Authenticator app installed on your smartphone. Only the latest versions will support the number-matching process.
You will need to enter a two-digit number, which will be displayed when you log in, into the Authenticator app before confirmation. This ensures that confirmation can only take place if you know this additional number.
FAQ's for "Two-Step Login
The two-step login procedure is only intended for personal user accounts. So called. Group mailboxes and/or functional mailboxes are not affected and do not require a two-step.
You can also use your workplace number for verification by means of a telephone call. If this is not possible, please contact the ITS ServiceDesk (+41 61 207 14 11).
Contact the ITS Service Desk (+41 61 207 14 11).
Check that you do not have a call barring function active for advertising calls. Temporarily deactivate the barring and try the function again. If you now receive the call, make the necessary adjustments to the barring.
Service Desk
IT-Services
Spitalstrasse 41, 3rd Floor
CH-4056 Basel
Phone +41 61 207 14 11
E-mail support-its@unibas.ch