Closed Jawshy closed 1 year ago
I tried to initiate a discussion about multiple 2FA policies with issue #4306, but it didn't really take off so far...
My opinion is to list it as supporting 2FA, but with an exception text.
By the looks of it, CQU uses Microsoft Azure AD for authentication which would mean the same 2FA support as with Microsoft Accounts, regardless of account type. Can you confirm @Jawshy?
By the looks of it, CQU uses Microsoft Azure AD for authentication which would mean the same 2FA support as with Microsoft Accounts, regardless of account type. Can you confirm @Jawshy?
Sorry for the belated response, @Carlgo11. No, only custom-software
and sms
2FA are being implemented for students starting April 2023 onwards.
The only public documentation I've found is this page without a date mentioning multi factor authentication using the Microsoft Authenticator app and SMS code methods. There are links to user guides on that page.
Also, there's an article behind a login that mentions key information like:
[...] From April 2023, you’ll be required to use multi-factor authentication whenever you log in to a CQUniversity website, app, or system. [...]
[...] For this authentication to work, you must have a valid mobile phone number recorded in MyCQU. [...]
I can now confirm that time-based one-time passwords (totp
) are supported. One simply chooses 'I want to use a different authenticator app' when adding an authenticator app as a sign-in method.
And also phone call based authentication (call
).
CQUniversity Australia (CQU) is a trading name of Central Queensland University.
They offer two-factor authentication (2FA) via Duo (SMS, proprietary, and U2F), but only for staff logging into ~Employee Self Service Online (ESSO)~ Office365 applications, Moodle, ESSO and VPN outside of the internal network. Other staff logins and all student logins do not yet offer 2FA. No public facing documentation, but because they use Duo the documentation is essentially this guide. Social media handles: Facebook and Twitter.
Should CQU be listed as supporting 2FA with an exception or not supporting 2FA due to the limited deployment?
Update 2020-02-29: ...only for staff logging into Office365 applications, Moodle, ESSO and VPN outside of the internal network.