User’s account security is the highest priority of ICTO. As introduced in our last issue, ICTO has implemented two-factor authentication (known as 2FA) to give your UMPASS account an extra layer of protection in case your password is ever compromised. With 2FA, even if your UMPASS password is exposed, the attacker still cannot access your account remotely.

Let’s take a closer look at how to take advantage of our new 2FA features!

Two-factor authentication is a login process that requires two steps to verify your identity, to ensure that it’s really you who is logging in. The first factor is your UMPASS username and password to gain access to the UM systems. The second factor is a randomly generated passcode or a push from your trusted mobile device/tablet.

(Note that 2FA is required, when you access the 2FA protected systems with non-UM network, e.g. off-campus or mobile network.)

3 Steps to Apply and Setup 2FA Service

All staff and students can apply 2FA service. You also need a mobile device running one of the following operating systems:

– iOS 10.0 and greater

– Android 6.0 and greater

Follow the steps below to apply and setup 2FA service:

1. Download Duo Mobile App

2. Login to ICTO Account Information Page ( ) within UM network to apply the 2FA service

3. You will be redirected to the User Device Registration Page, click “Start setup” to start your account activation.

Please choose “Tablet” for the registration.

Then follow the on-screen wizard to continue register your device to use 2FA service.

Your account is only as strong as the steps you take to keep it secure. ICTO encourages you to activate 2FA service to secure your account immediately.

For more information about 2FA, please see ICTO website.