About 2-step Authentication(One Time Password)

  • Why 2-step Authentication (Login Password and One Time Password) is necessary? Recently, so many password leakages have happened all over the world, which led to information leakage. JAIST provides users with email and other services through a user name and password authentication, which might have occurred information leakage by password leakage (one step authentication). In order to prevent information leakage caused by password leakage, JAIST introduced 2-step Authentication for the services used outside campus.
  • What is 2-step Authentication? "2-step Authentication" means one more checking function in addition to authentication by a user name and its corresponding password. JAIST executes time-based one time password (6 digits, generated every 30 seconds).
  • Reference (provided by IPA, Information-Technology Promotion Agency, only in Japanese)
    不正ログイン対策特集ページ(IPA 情報処理推進機構) ("Countermeasures for unauthorized login")
    不正ログイン対策のための「2段階認証」設定手順書(IPA 情報処理推進機構) ("2-step Authentication setting procedure manual to take measure against unauthorized login")

The Process of Setting up 2-step Authentication (Login Password and One-Time Password)

1. The initial step is to obtain the secret encoded key to use for setting up the 2-step authentication. 

It is an operation to get (register) "seed" (secret encoded key) for generating a one time password. This is possible only from the campus LAN.
Please be careful not to let others know this "seed".
If others know it, please get new seed (re-register).

2. The second step is to set up the 2-step authentication system so as to obtain the one time password.

Configure the application settings for generating a one-time password using the "seed" got in step 1.
Please select an app according to your device.

  • App for Mobile device(iOS and Android):
                             Microsoft Authenticator
                             Google Authenticator.
                             You can choose to use either, the functionality is the same.

  • App for Windows: WinAuth
  • App for macOS: OTP Manager

For any app, the one-time password generated at the same time is the same value.
Therefore, it is possible to use one-time password generation on a mobile terminal and access to WEB mail on a Windows machine.

3. The final step is logging into the JAIST-SSO System

When using a service that requires a one-time password (such as web mail), enter the 6-digit number displayed in the one-time password generation app in step 2.