Account & Password

SSOid
Single Sign On user id (SSOid) is created automatically for both staff and students to sign in to the intranet and U-wide IT services using one set of login credentials
Two-Factor Authentication (2FA)
Empowering users to access University IT resources with ease and confidence has always been our priority.  As endorsed by IT Committee in December 2016, users requesting for central IT services should be authenticated by Two-Factor Authentication (2FA).  After elaborate technical evaluation and testing, an advanced 2FA solution by DUO will be implemented on 4 January 2018.

G Suite (such as Gmail and Google Drive) for staff will become the first application with Duo 2FA enabled.   Duo 2FA support for other applications will be gradually introduced in due course.

What is two-factor authentication? Why do I need it?

Traditionally, access to University IT resources requires you to provide username and password.  While it is an effective way to protect your data, protection with password only is increasingly easy to be compromised.  It can often be stolen, guessed or hacked – you may not even know someone is accessing your account.

2fa_ov_01

 

 

 

 

Two-factor authentication adds a second layer of security to your accounts.  Verifying your identity using a second factor (e.g. your smartphone with an app) to approve authentication requests prevents anyone but you from logging in, even if they know your password.

How it works?

Using Gmail for staff as an example,
Enter your email address at Gmail sign in screen as usual.

2fa_ov_02

 

 

 

 

 

 

 

 

 

Gmail recognizes that your account is protected by Duo 2FA, and you will be redirected to a dedicated HKBU login page to enter your SSOid and password.

2fa_ov_03.png

 

After inputting your login information, you will be asked to either respond to a push message OR enter a one-time passcode to verify your identity – both can be done via your mobile device.

2fa_ov_04

 

 

 

 

You are now securely logged in

Getting Started

Register your mobile device starting 4 January 2018 by following the simple instruction given in the User Guide (refer to ‘Policies & Guidelines’ tab).

It will guide you through for a self-enrollment process to get your mobile device registered as the second authentication factor.  The process is very simple and should take only 2 minutes.  Please feel free to contact our Customer Service Call Centre if you need further assistance.

Systems Protected by Duo Two-Factor Authentication

G Suite (such as Gmail and Google Drive) for staff will be the first application having Duo two-factor authentication enabled.  Dates for other central IT services to be 2FA enabled will be announced in due course.

SSOid Account Policy

Each University staff / student is entitled to a Single Sign On user id (SSOid) account for the duration of his/her association with HKBU to access intranet and U-wide IT services.

When an SSOid account is first created, it must be activated before it can be used.  To safeguard security, rules have been implemented regarding the format and expiration period of the password of an SSOid.  Please refer to the User Account Password Policy.

SSOid Account User Guides
Guidelines on using Two-Factor Authentication (2FA)
Free of Charge