SUBJECT:

Two-Step Login Available Now; Required January 2019

We are pleased to announce the launch of a significant and important cybersecurity measure for UC San Diego: two-step login for most campus services. The university is deploying a two-step login process in response to a dramatic rise in the scope and sophistication of phishing, spear phishing and malware attacks that target our faculty and staff. These attacks are a serious and pervasive threat to information security at UC San Diego and the two-step login process is a highly effective method to reduce these attacks.

The use of two-step login will become required in January 2019 for both accessing the VPN and for logging in to the single sign-on system. Those seeking to secure their accounts immediately can do so on a voluntary basis by enrolling in two-step login and activating it now.

The timeline and procedures apply to all UC San Diego faculty and staff including UC San Diego Health personnel who access campus systems. General availability for students will begin in the spring of 2019.

Two-step login is an added layer of protection for you and for the university. You may already be familiar with the concept as many institutions require you to enter a code sent via text message, phone call or mail. For example, Apple uses this technique when their users access their iCloud account. Most financial institutions, and some federal agencies like the NIH, do this today for their software applications and web sites. Our process will be simpler and will include multiple options for handling the two-step login process, including use of a free smartphone app. For the business and other applications that use the UC San Diego single sign-on service, you will only have to complete the two-step login procedure once a week.

As one of the nation’s top public universities, our research, intellectual property and institutional data are of high interest to state-sponsored and organized cyber-criminals. Your financial and personal assets are also targets. Using two-step login will reduce risk to our information security and also reduce the likelihood that you too may be the next victim.

Visit http://twostep.ucsd.edu/ for additional information and to get started. There you will find a full explanation of the rationale for implementation of two-step login, along with FAQs and user guides. Please direct questions to the Service Desk at servicedesk@ucsd.edu or 858-246-4357.

Elizabeth H. Simmons Executive Vice Chancellor – Academic Affairs Pierre Ouillet Vice Chancellor and Chief Financial Officer