Two-Factor Authentication
Welcome to Two-Factor Authentication (2FA)
Protect Your University of Chicago Account
Two-factor authentication (2FA) enhances the security of your CNetID by using your device (e.g., mobile phone, landline, tablet, or hardware token) to verify your identity. This prevents anyone but you from using your account to log in to University websites, even if they know your CNetID password. Learn more
Using 2FA protects you on many of the University's most frequently used online services and systems, including the Grants Management System (AURA), Workday, UChicago Canvas, Box, G Suite, the Academic Information System (AIS), and many others.
What devices can I use with 2FA?
You can register your mobile phone, tablet, biometric identifier (fingerprint and face recognition tools that come with your devices), or security key for 2FA verification. You can buy security keys online as long as they are WebAuthN/FIDO2 enabled, or you can purchase a security key from the ID & Privileges Office. Please register at least two devices with 2FA to avoid difficulties with verifying your identity if your only enrolled device is unavailable.
What is Okta?
Okta is a single sign-on tool that allows you to log in once for a preset period of time (usually eight hours at the University of Chicago) to any Okta-protected service that you're eligible to use, and then have access to all other Okta-protected sites to which you have access without having to log in again.
How will using 2FA affect how I login to services?
After you enroll in 2FA, when you log in to any 2FA-protected website or service, you will enter your CNetID and password, and then use your smartphone or another device to verify your identity.