search

2factorauth / twofactorauth

List of sites with two factor auth support which includes SMS, email, phone calls, hardware, and software.
https://2fa.directory
Other
3.37k stars 1.77k forks source link

Add CQUniversity Australia #4603

Closed Jawshy closed 1 year ago

Jawshy commented 4 years ago

CQUniversity Australia (CQU) is a trading name of Central Queensland University.

They offer two-factor authentication (2FA) via Duo (SMS, proprietary, and U2F), but only for staff logging into ~Employee Self Service Online (ESSO)~ Office365 applications, Moodle, ESSO and VPN outside of the internal network. Other staff logins and all student logins do not yet offer 2FA. No public facing documentation, but because they use Duo the documentation is essentially this guide. Social media handles: Facebook and Twitter.

Should CQU be listed as supporting 2FA with an exception or not supporting 2FA due to the limited deployment? cquniversityaustralia

Update 2020-02-29: ...only for staff logging into Office365 applications, Moodle, ESSO and VPN outside of the internal network.

phallobst commented 4 years ago

I tried to initiate a discussion about multiple 2FA policies with issue #4306, but it didn't really take off so far...

My opinion is to list it as supporting 2FA, but with an exception text.

Carlgo11 commented 1 year ago

By the looks of it, CQU uses Microsoft Azure AD for authentication which would mean the same 2FA support as with Microsoft Accounts, regardless of account type. Can you confirm @Jawshy?

Jawshy commented 1 year ago

By the looks of it, CQU uses Microsoft Azure AD for authentication which would mean the same 2FA support as with Microsoft Accounts, regardless of account type. Can you confirm @Jawshy?

Sorry for the belated response, @Carlgo11. No, only custom-software and sms 2FA are being implemented for students starting April 2023 onwards.

The only public documentation I've found is this page without a date mentioning multi factor authentication using the Microsoft Authenticator app and SMS code methods. There are links to user guides on that page.

Also, there's an article behind a login that mentions key information like:

[...] From April 2023, you’ll be required to use multi-factor authentication whenever you log in to a CQUniversity website, app, or system. [...]

[...] For this authentication to work, you must have a valid mobile phone number recorded in MyCQU. [...]

Jawshy commented 1 year ago

I can now confirm that time-based one-time passwords (totp) are supported. One simply chooses 'I want to use a different authenticator app' when adding an authenticator app as a sign-in method.

Jawshy commented 1 year ago

And also phone call based authentication (call).