Beginning Monday, February 24, OIT is implementing Duo “Verified” Push for UCPath. A verified push is a more secure version of the standard Duo Push notification, where instead of simply approving a login attempt on your phone, you are required to enter a unique three-digit code displayed on the login screen to verify your identity, providing an extra layer of protection against potential phishing attacks or accidental approvals.
Faculty and staff will only see this special type of push if Duo suspects suspicious activity and determines an added layer of protection is necessary. Otherwise, Duo will log in using the normal push system the UCI community is used to.
Please continue to deny any push that is not sent as a direct result of attempting to log in to a protected system. If there is suspected suspicious login activity, contact the Help Desk at oit@uci.edu.
Our ZotDefend campaign, launched fall 2024, continues to protect UCI’s digital world. As a community, you’ve already committed to completing cybersecurity training, which offers a first line of defense against cyber risk. We thank you for your diligent completion of this important yearly compliance.
Now we’re shifting our focus to strengthening the security of our multi-factor authentication system, Duo. In the coming months, additional safeguards will be implemented into Duo to fortify the system to even greater levels of protection.
Our ask: Please ensure your Duo application is updated to version 4.49 or higher.
Running Duo on the latest version allows our security settings to be tailored to the highest industry standards, and helps protect important data and resources such as UCPath.
Beginning February 19, 2025, if your app is not utilizing 4.49+, a pop-up compliance reminder will appear in your Duo Mobile App on your phone.
If you see this, please update immediately with directions from this KB article.
If your device is unable to update due to outdated technology or other compliance issues, contact our Help Desk for more information.
If you have questions regarding ZotDefend or updating your Duo application, please contact our Help Desk at oit@uci.edu.
Complete Cybersecurity Training to Prevent Interruptions to UCI Single Sign-on Applications
UC Irvine continues to update, strengthen and elevate its information security processes to achieve new standards that all UC’s have committed to upholding. As part of the ZotDefend initiative, we must reach 100% compliance for completion of yearly Cybersecurity Awareness Training for all employees. Due to recent efforts, we are pleased to share that we have increased compliance from 86% to 96%.
Beginning Monday, February 10, 2025, if you are overdue to complete Cybersecurity Awareness Training, you will be restricted from accessing UCI Single Sign-on applications until you have completed the training.
This list includes applications such as:
UCPath – University of California’s single payroll, benefits, human resources, and academic personnel solution for all UC campuses and medical centers
Commute Parking – UCI Transportation and parking services
Timesheets – UCI site for submitting employee timesheets
Campus Groups – UCI Campus Community site
FileNet – enterprise content management solution for securely storing UCI Campus and UCI Medical Center content
The following applications will NOT be affected by the restriction:
UCLC
Canvas
ServiceNow
VPN with SSO enabled
UCI SSO Temporary Access Extension
Point and Click (PNC)
Last fall we began to display reminders in your UCI Single Sign-on process when your training is coming due or overdue. Enforcement of this restriction emphasizes the importance of our commitment to ensuring our entire UCI workforce is educated about the most important cybersecurity issues we’re facing as a community.
Emergency Extension
If you require emergency access to a restricted application and are unable to complete the overdue training immediately, you will have the option to enable a one-time extension. This will grant you continued access for 7 days, after which you will be restricted again if the training is not completed.
For more about ZotDefend and to see FAQs, visit the project page. For more information regarding cybersecurity and how you can protect yourself from cyberattacks, visit the Information Security website.
Login Changes Coming to Duo Multi-Factor Authentication
On October 19, 2023 the UCI Single Sign On (SSO) process is changing slightly. You will no longer need to select “send a push” after entering your UCInetID and password. It will automatically send a push to the last used device. The update should be seamless for most UCI faculty, staff and students, with no interruptions to services.
Below you will find the new four step process for logging in:
Step 1: Login to an SSO-enabled service (such as ZotPortal or Canvas) as you normally would with your UCInetID and password.
Step 2: The page that states the Duo push has been sent to your phone will look a little different.
Step 3: Open the Duo Mobile app and tap Approve. You will be automatically taken to the website you were trying to visit on your computer (ZotPortal, Canvas, etc). In the event that you don’t receive the push notification, you can select “Other options” where you can enter a 6-digit code to login (this code can be found in your Duo Mobile app).
Step 4: The page will reload asking you if this is your device. If you are using your own device, click on “Yes, this is my device” to have it remember your Duo authentication for the next 24 hours or if you are using a public computer select “No, other people use this device”, and you’re done!
Additional details can be found in this Knowledge Base article. If you need assistance with this process after the go-live on 10/19, please reach out to the Help Desk by emailing oit@uci.edu or via phone at 949-824-2222
