Secure logon (Two-factor authentication)

NMBU has implemented Secure logon (Two-factor authentication) on NMBU services off Campus. This means that you must use an extra one-time code (OTP) from SMS or app when logging in to NMBU services via computer, mobile and tablet. The exception is NMBU controlled PCs on campus networks. These PCs will not be required one-time code to log-on.

If you do not enable secure login, you will not be able to access NMBU services outside the NMBU network

You can choose between using one-time code via SMS or app

Secure logon with app:

Log ion to brukerdata.nmbu.no from a PC, under the tab “Secure logon” you will see a QR code. Download the “Microsoft Authenticatior” app from the App Store or Play Store to your mobile phone. Launch the app, add an account, scan the QR code. The app acts as a code chip, generating new code every 30 seconds. There is no cost to install or use the app. Click for additional guidance

Secure logon with SMS:

In order to use one-time codes from SMS, you must first consent that we can use your mobile number in conjunction with two factor authentications. This is done by logging on to brukerdata.nmbu.no, going to the tab “Secure logon” and choosing which number to use. Remember to save your selection. Click for additional guidance

It doesn’t cost anything to receive text messages, even abroad

When private and / or job mobile numbers are not in NMBU’s systems.

If your mobile number is not available for selection under Secure logon, or the number is incorrect, the number must be entered in UBW / Agresso or FS before you can use it to receive one-time codes on SMS. It will take some time from entering the mobile number in UBW / Agresso or FS before it becomes available on brukerdata.nmbu.no.

Student Guide (FS)
Guide for employees (UBW / Agresso)

Remember that you must activate the number via brukerdata.nmbu.no after it has been registerred in UBW / FS.

What is Two-factor authentication (2FA)?

Two-factor authentication is a safer way to log in where the user must confirm their identity twice, usually first with user name and password and then using a device such as cell phone or code chip. For NMBU’s part, the authentication will take place by user name and password, then one-time code on SMS or App.

Why?

Many have experienced attempts to fraud them in to give up the user name and password. When the user name and password are astray, criminals (hackers) can access NMBU systems and manipulate, delete, or copy out data. They may use the access to attack or abuse NMBU’s IT systems or to take over and send out fake emails from NMBU users.

Having unauthorized control over your email, they can reset the passwords on any other services you use, and effectively block you from all your digital life.

Is it completely secure when using Two-factor authentication?

No, it’s not 100% secure. For example, some may make fake webpages that also allow us to enter the one-time password at the same time as the password. We must therefore always be on guard. The advantage of Two-factor authentication is that fraudsters can only act like us on one service and only once per scam (the codes are usually unique and only valid once)

So even though it is not completely secure, it is so much safer that everyone should activate it.

Read more about secure login here: (external websites).

Password advice from National Cyber Security Centre: https://www.ncsc.gov.uk/guidance/multi-factor-authentication-online-services

Guides to enable Two-factor authentication privately from Nettvett.no no https://nettvett.no/2-trinns-bekreftelse/