Complete Cybersecurity Training to Prevent Interruptions to UCI Single Sign-on Applications
UC Irvine continues to update, strengthen and elevate its information security processes to achieve new standards that all UC’s have committed to upholding. As part of the ZotDefend initiative, we must reach 100% compliance for completion of yearly Cybersecurity Awareness Training for all employees. Due to recent efforts, we are pleased to share that we have increased compliance from 86% to 96%.
Beginning Monday, February 10, 2025, if you are overdue to complete Cybersecurity Awareness Training, you will be restricted from accessing UCI Single Sign-on applications until you have completed the training.
This list includes applications such as:
UCPath – University of California’s single payroll, benefits, human resources, and academic personnel solution for all UC campuses and medical centers
Commute Parking – UCI Transportation and parking services
Timesheets – UCI site for submitting employee timesheets
Campus Groups – UCI Campus Community site
FileNet – enterprise content management solution for securely storing UCI Campus and UCI Medical Center content
The following applications will NOT be affected by the restriction:
UCLC
Canvas
ServiceNow
VPN with SSO enabled
UCI SSO Temporary Access Extension
Point and Click (PNC)
Last fall we began to display reminders in your UCI Single Sign-on process when your training is coming due or overdue. Enforcement of this restriction emphasizes the importance of our commitment to ensuring our entire UCI workforce is educated about the most important cybersecurity issues we’re facing as a community.
Emergency Extension
If you require emergency access to a restricted application and are unable to complete the overdue training immediately, you will have the option to enable a one-time extension. This will grant you continued access for 7 days, after which you will be restricted again if the training is not completed.
For more about ZotDefend and to see FAQs, visit the project page. For more information regarding cybersecurity and how you can protect yourself from cyberattacks, visit the Information Security website.
Login Changes Coming to Duo Multi-Factor Authentication
On October 19, 2023 the UCI Single Sign On (SSO) process is changing slightly. You will no longer need to select “send a push” after entering your UCInetID and password. It will automatically send a push to the last used device. The update should be seamless for most UCI faculty, staff and students, with no interruptions to services.
Below you will find the new four step process for logging in:
Step 1: Login to an SSO-enabled service (such as ZotPortal or Canvas) as you normally would with your UCInetID and password.
Step 2: The page that states the Duo push has been sent to your phone will look a little different.
Step 3: Open the Duo Mobile app and tap Approve. You will be automatically taken to the website you were trying to visit on your computer (ZotPortal, Canvas, etc). In the event that you don’t receive the push notification, you can select “Other options” where you can enter a 6-digit code to login (this code can be found in your Duo Mobile app).
Step 4: The page will reload asking you if this is your device. If you are using your own device, click on “Yes, this is my device” to have it remember your Duo authentication for the next 24 hours or if you are using a public computer select “No, other people use this device”, and you’re done!
Additional details can be found in this Knowledge Base article. If you need assistance with this process after the go-live on 10/19, please reach out to the Help Desk by emailing oit@uci.edu or via phone at 949-824-2222
Duo multi-factor authentication is now required to access UCI’s virtual private network (VPN). This new requirement applies to all users who are already enrolled in UCI’s Duo MFA.
The process of connecting to the VPN will change slightly, with details outlined below:
After selecting the Connect button, a popup window will appear requesting the user’s UCInetID and password.
Next, users enrolled in the Duo MFA system will be prompted to use Duo.
Please note that if you are unable to connect to the VPN using the new method, change the connection group in the pulldown menu to either ‘UCI-classic’ or ‘UCIFull-classic’. The original login screen will appear where you’ll enter your UCInetID and password. Below the password box, type the word ‘push’ (without the quotes) and then select OK. You will receive a push from Duo and will be able to login.
Upon completion, you will be connected to the VPN.
About Duo MFA
Duo is a multi-factor authentication system that acts as an added layer of protection to accounts by using a second source of validation, like a cell phone or token, to verify the user’s identity before granting access. Multi-factor authentication can result in up to a 96% decrease in stolen credentials.
Additional information regarding VPN access is available on OIT’s website. For assistance, contact the Help Desk by emailing oit@uci.edu.
Beginning on March 2, 2021, Duo multi-factor authentication will be required for all UCI Office 365 accounts. Using Duo will strengthen security when accessing your UCI Outlook, Calendar, OneDrive, Teams, and other O365 services.
The Office of Information Technology (OIT) has been working to roll out Duo multi-factor authentication across all campus platforms with the ultimate goal of having all employees and students using Duo to protect our most used platforms by the end of 2021. Duo provides an added layer of security by requiring a second source of validation, in the form of a push notification on your phone, tablet or smartwatch, in addition to your username and password. Multi-factor authentication with Duo is already required for employees to access most other key UCI platforms.
We are encouraging all UCI Office 365 users (staff, faculty, and student employees) to opt-in to Duo for O365 now so that we can address issues before it may impact your work.
Here’s what to do now:
Enable Duo for O365 before March 2, 2021 Login, select “Enable” and submit. You may need to login again to any existing O365 sessions you have open.
If you run into any issues, you can go back to the link above, select “Disable,” and report it to the OIT Help Desk before March 2 at oit@uci.edu or 949-824-2222.* *iOS users may need to remove and re-add their accounts. See note below for details
What should you expect?
Desktops and laptops
Before March 2, ensure you are using compatible software to access O365 by reviewing the Duo + Office 365 article. If you are using different software, it likely doesn’t support modern authentication and you will need to move to something supported.
On March 2, O365 services will ask you to re-authenticate (login with your username and password). When you login, you will be prompted to authenticate with Duo.
Smartphones and other mobile devices
We recommend that users download the Outlook mobile app for the best mobile email experience.
Apple/iOS devices
Some people may encounter an issue with using Duo on the native Apple mail app. If so, you may need to remove and re-add your Office 365 accounts. See Microsoft 365: How to setup Apple Mail and Apple Calendar. Alternatively, we recommend using the Outlook mobile app.
If you have any issues or feedback, contact the OIT Help Desk at oit@uci.edu or 949-824-2222.
