Setting up two factor authentication for UPPMAX

For security reasons you will have to use a two factor authentication system if you are a) connecting to UPPMAX from outside of Sweden, or b) connecting from a network within Sweden that does not support forward and reverse DNS lookups (due to a misconfiguration in your network, you can ask your internet service provider about this). More information about why can be found here.

By requiring a second factor, typically a cell phone or other physical device, it becomes much harder for an attacker to gain access to your account if they somehow have gotten hold of your password (which in this case is the 1:st factor). Instructions to set this up follows below.

Some of the points in the list below are link you can click on for more detailed instructions.

1. Select an app to use.
2. Go to https://suprintegration.uppmax.uu.se/bootstrapotp/.
3. You should be sent to SUPR. In case you are not logged in already, log in to SUPR.
4. Acknowledge to SUPR that they may tell UPPMAX who you are by pressing the button "Prove My Identity to UPPMAX" on the page.
5. Scan the QR-code with a second factor authentication app of your choice in your smart phone. For example "Google Authenticator" by Google or "Authy" by Authy Inc.
6. Your application will show you a code, enter this code on the same webpage.
7. You should see an acknowledgement that the new two factor has been registered.
8. It will take some time before your second factor is imported to our systems. You should get a mail within a few minutes notifying you of the newly registered token.
9. When it has been activated you will be able to use it to login by giving the current code from the app when asked for.
   

Advanced usage and alternative setups (without smart devices).

Once your token has been activated you can use the temporary code generated by your application to login.

Troubleshooting

Some of the common problems we've seen include

• Not having an account at UPPMAX. This is required to get the second factor for your account.
• Using a device having it's time set differently from our systems. There are services on the internet (e.g. https://time.is/) you can visit from the device you try to manage the code on that will show you if your device settings are problematic.
• Noting the code given at first and trying to use it every time when asked for a code. The code to give will change every thirty second and you should give whatever code is shown at the time.
• Expecting something else to be sent to you. You register the new second factor as part of the process. A confirmation mail is sent as well, but this is mostly to let you know in case your account details in SUPR have gone astray and someone else has registered a second factor for your account.
• It takes a little while before your newly registered factor is usable, but this should be a matter of minutes, not days. There is no extra mail sent to let you know that the newly registered factor is usable, just the confirmation mail that mentions that it will be activated soon.