Welcome to Two-Factor Authentication (2FA)

Protect Your University of Chicago Account

Two-factor authentication (2FA) enhances the security of your CNetID by using your device (e.g., mobile phone, landline, tablet, or hardware token) to verify your identity. This prevents anyone but you from using your account to log in to University websites, even if they know your CNetID password. Learn more

Using 2FA protects you on many of the University's most frequently used online services and systems, including the Grants Management System (AURA), Workday, UChicago Canvas, Box, G Suite, the Academic Information System (AIS), and many others. View a list of the most commonly used University services and systems that are protected by 2FA on answers.uchicago.edu

What is Shibboleth?

Shibboleth is a single sign-on tool that allows you to log in once for a preset period of time (usually eight hours at the University of Chicago) to any Shibbolized service that you're eligible to use, and then have access to all other Shibbolized sites to which you have access without having to log in again.



How will using 2FA affect how I login to services?

After you enroll in 2FA, when you log in to any 2FA-protected website or service, you will enter your CNetID and password, and then use your smartphone or another device to verify your identity. You may choose to log in using 2FA each time you connect to one of these services, or you may allow 2FA to automatically log in for you for up to 30 days. If you attempt to log in from an unknown computer or smart device during the 30 day period, you'll be prompted to approve your 2FA connection again for that device.



What devices can I use with 2FA?

You can register a mobile phone, tablet, landline, or a hardware token. You are encouraged to register at least two devices with 2FA to avoid difficulties with verifying your identity if your only enrolled device is unavailable.