menu

How to use / register / delete authentication factors

Authentication flow

There is a difference in the authentication flow between access from the on-campus network (including VPN) and access from the off-campus network.

SSO authentication is possible by registering one of the authentication factors shown in the image on the right.

Authentication Device Setting Page

How to access

  1. Access the user profile screen.
    https://id.jaist.ac.jp/ui/user/login

  2. Log in at JAIST-SSO.
    *When accessing from an off-campus network, multi-factor authentication (e.g. OTP or certificate) must be prepared.

  3. Click on "Authentication Device Setting".

Check Authentication Device

The Authentication Device Settings screen allows the user to check and delete the devices that have been set as authentication devices. "Authenticator" refers to the OTP (Authenticator), "Passkey" to the FIDO2 authentication factor.

Registration of authentication factors

Click on the "Add" button and follow the prompts.

* Each account can register only one OTP (Authenticator). If it is already registered, the 'Add' button will not be displayed. To re-register, please delete the authentication factor first.

Deletion of authentication factors

  1. Click on the ︙ (three vertical dots) in the top right-hand corner of the authentication factor to be deleted.
  2. Click on "Delete device".
  3. Click "OK" when the message "Do you want to delete XXX?" is displayed.

[Attention]
When you have only one authentication factor registered, you will not be able to access the system from off-campus if you delete the authentication factor. Please make sure that another authentication factor are registered before deleting the authentication factor.
(e.g. register a non-JAIST email address for OTP (email) before deleting the Authenticator's OATH device).

OTP (Authenticator) recovery code

Recovery codes are random strings that can be used instead of the six digits of the one-time password to authenticate.
It is recommended that recovery codes are identified and kept in a secure file in case of a sudden failure of the OTP device.

[Note]
No recovery code is available for those who registered their one-time authentication device before February 2021.

 

【How to check】

  1. Click on the ︙ (three vertical dots) in the top right-hand corner of the OATH Device.
  2. Click on "Recovery Codes".
  3. Random strings are displayed.
    * There are 10 lines (10 recovery codes) by default. The number decreases with each use.
    * The recovery code displayed should be copied or printed and kept in a secure file.

    【How to use】

    After selecting OTP (Authenticator) on the authentication method selection screen, enter one of the recovery codes on the screen where usually a six-digit number is entered.
    * Once a recovery code has been used, it cannot be used.