Launch of two-factor authentication at KIT

The introduction of two-factor authentication at KIT improves the security of sensitive IT applications. In the first step, the business processes in the SAP system are secured with two-factor authentication.

Hardware token that generates a one-time password as a second factor by pressing a button.

Recently, successful phishing attacks have been repeated in the past, with KIT employees spying out their access data. Due to the increased threat situation, the IT Security Officer (IT-SB) has recommended the introduction of a two-factor authentication for logon operations when application systems are handling data with increased protection needs. Following this recommendation, the KIT Executive Committee mandated the Scientific Computing Center (SCC) to implement and introduce two-factor authentication. This improves the security of sensitive IT applications. The introduction of two-factor authentication first of all concerns the digital business processes in SAP systems.

The two-factor authentication is implemented by means of hardware tokens, which are requested in addition to the KIT user name and KIT password (http://www.scc.kit.edu/dienste/kit-account) during the registration process. All KIT employees will use the SAP systems in the course of the gradual introduction of ESS (Employee Self Services). For this reason, the SCC already distributes the necessary hardware tokens to all employees. The SCC is usually supported by the secretariats and/or IT representatives of the OUs on site.

If you are not currently using SAP applications (such as SRM, BW, Person Days), the introduction of two-factor authentication has no immediate effect for you at present.

If you are already actively using the SAP systems, you will need a hardware token to log on to the SAP Web portals (https://sapwp01.orbitsap.kit.edu:9060/irj/portal) from November 13,2017. A step-by-step preview of the planned authentication on the SAP Web Portal can be found at http://www.scc.kit.edu/dienste/11372.php.

Information on the planned conversion to KIT authentication with tokens and access to the SAP applications is sent to the employees in a separate mail.

Before using the SAP Web Portal, you must first associate your personal hardware token with your KIT account. Please visit https://my.scc.kit.edu/token/register for this purpose. In the second window, enter the value that your token indicates at the push of the button.

More detailed instructions or hints on how to deal with problems can be found at https://www.scc.kit.edu/dienste/2fa

If you have any questions, please contact the SCC ServiceDesk (tel. 8000).