Preparing Your Phone for Two Factor Authentication

There are several steps needed to configure your phone for use with the SRCPS.

Securing Your Phone

Information on securing your device is in the SRCPS User security Policy. Please ensure this has been read and understood this before proceeding with configuring two factor authentication access.

Installing a Two Factor Authentication Application

An application is needed to generate the one time login tokens which enable access to the SRCPS.

We support several mobile applications for both Android and iPhone:

Application

iPhone

Android

FreeOTP

Yes

Yes

Google Authenticator

Yes

Yes

Retrieving Your Token

Prerequisites

  • The Welcome email

  • A mobile phone with a Two Factor token management token installed.

Adding a Token to a Mobile Phone

The welcome email will contain the login URL for the platform.

Upon browsing to the link in the welcome email an user will be presented with a login page which looks similar to the image below. Here an user may enter their HPC credentials to proceed. If they are a member of the University of Cambridge these will likely be their raven credentials.

Login Page

If this is the first time an user has attempted to in they will be presented with a prompt to configure Two Factor Authentication. It will look similar to the below image.

2fa Prompt

An Example 2FA Configuration prompt.

The page has a barcode on it, which may be scanned by a Two Factor Auth management application. There is a video below showing this process for an android handset:

*An example of registering an Android phone with the SRCPS*

Recovering from a lost token or device

If an user loses their TOTP codes or mobile device, they will be unable to access the platform until they have raised a support request with the SRCP Support Team, who at that point are the only people who can regenerate the user’s TOTP codes. Before doing this however, the SRCP Support Team must go through a process to establish the real identity of this user. This involves confirming the reset with the SRCPS Client.

Warning

It is the responsibility of the SRCPS User to inform the SRCPS client their private token needs regenerating.

If you have lost your mobile device or token please submit a support request to the SRCPS helpdesk. The user must also notify the SRCPS Client; whom the SRCPS helpdesk contacts for approval. This must happen before the SRCPS helpdesk may issue a replacement token.

resetting your token diagram

Process flow for resetting your private token

Once the Client has approved the token reset request and the User has demonstrated ownership of their password the Helpdesk will issue a new Private token.