Account & Password

SSOid
Single Sign On user id (SSOid) is created automatically for both staff and students to sign in to the intranet and U-wide IT services using one set of login credentials
Two-Factor Authentication (2FA)
Empowering users to access University IT resources with ease and confidence has always been our priority.  As endorsed by IT Committee in December 2016, users requesting for central IT services should be authenticated by Two-Factor Authentication (2FA). 

After elaborate technical evaluation and testing, an advanced 2FA solution by DUO has been implemented since 4 January 2018 with G Suite (such as Gmail and Google Drive) for staff being the first application with DUO 2FA enabled. Starting on 11 February 2019, the following services will also be protected by DUO 2FA :
–     BUniPort
–     Webpages that are protected by Portal Login
–     VPN (for General User and IT Administrator)

What is two-factor authentication? Why do I need it?

Traditionally, access to University IT resources requires you to provide username and password.  While it is an effective way to protect your data, protection with password only is increasingly easy to be compromised.  It can often be stolen, guessed or hacked – you may not even know someone is accessing your account.

 

two-factor authentication

 

 

Two-factor authentication adds a second layer of security to your accounts.  Verifying your identity using a second factor (e.g. your smartphone with an app) to approve authentication requests prevents anyone but you from logging in, even if they know your password.

How it works?

Using Gmail for staff as an example,
Enter your email address at Gmail sign in screen as usual.

2fa_ov_02

 

Gmail recognizes that your account is protected by Duo 2FA, and you will be redirected to a dedicated HKBU login page to enter your SSOid and password.

2fa_ov_03.png

After inputting your login information, you will be asked to either respond to a push message OR enter a one-time passcode to verify your identity – both can be done via your mobile device.

2fa_ov_04

You are now securely logged in

Getting Started

Register your mobile device starting 4 January 2018 by following the simple instruction given in the User Guide (refer to ‘Policies & Guidelines’ tab).

It will guide you through for a self-enrollment process to get your mobile device registered as the second authentication factor.  The process is very simple and should take only 2 minutes.  Please feel free to contact our Customer Service Call Centre if you need further assistance.

Systems Protected by Duo Two-Factor Authentication

–     G Suite (such as Gmail and Google Drive) for staff
–     BUniPort (starting 11 February 2019)
–     Webpages that are protected by Portal Login (starting 11 February 2019)
–     VPN (for General User and IT Administrator) (starting 11 February 2019)

More central IT services will also be 2FA enabled. Announcement will be made in due course.

SSOid Account Policy

Each University staff / student is entitled to a Single Sign On user id (SSOid) account for the duration of his/her association with HKBU to access intranet and U-wide IT services.

When an SSOid account is first created, it must be activated before it can be used.  To safeguard security, rules have been implemented regarding the format and expiration period of the password of an SSOid.  Please refer to the User Account Password Policy.

For details on User Account (SSOid) Management Policy, please click here (for ITO personnel only).

SSOid Account User Guides
Guidelines on using Two-Factor Authentication (2FA)
Free of Charge