With a registered smart phone and a multi-factor authentication app, users are now able to add another layer of security beyond password protection when accessing certain XSEDE resources.
Cyber attacks grow in volume and sophistication every day, requiring constant vigilance to protect against the pernicious exploitation of computing resources. Accordingly, XSEDE has begun making a supplemental method of computer access control available as an option to its users to provide further shielding from such attacks.
The method, known as multi-factor authentication (MFA), requires an additional “factor” beyond a password, thus supplying an additional layer of security for access to resources.
A factor can be a hardware device (called a token) or a registered smart phone with an associated MFA application (called a soft token). XSEDE’s implementation of MFA involves the computer user’s XSEDE portal password and a software application from a vendor named Duo Security.
A cloud-based capability, XSEDE’s MFA is in place on the Single Sign On Hub, the Darter resource at the National Institute for Computational Sciences (NICS), and the Greenfield and Bridges resources at the Pittsburgh Supercomputing Center (PSC). Other XSEDE service providers are also anticipated to bring MFA online for the resources they manage; as they do so, announcements to that effect will be made.
Applying this added security method requires registering as an XSEDE Duo MFA user, registering a smartphone (or phone number), and downloading the Duo two-factor authentification application.
When a user is authenticating to an XSEDE service provider that has MFA, the user’s smartphone app is notified and makes an “accept” or “deny” request of the MFA soft token. Upon acceptance of the MFA, login is allowed to proceed.
“MFA significantly reduces the risk of unauthorized access to resources, and users are highly encouraged to employ it,” said Victor Hazlewood, XSEDE’s deputy director of Operations.
Access documentation on registration and use of Duo MFA.
Submit questions via the XSEDE User Portal.
Scott Gibson, science writer/communications specialist, NICS, JICS
Article posting date: 15 June 2016
About JICS and NICS: Established by the University of Tennessee and Oak Ridge National Laboratory, the Joint Institute for Computational Sciences (JICS) is a conduit and a nexus for research collaborations and a provider of advanced computing resources. It also is an educator in cutting-edge computing focused on solving the most difficult problems in science and technology. JICS operates the National Institute for Computational Sciences (NICS), a leading academic supercomputing center and a major partner in the National Science Foundation's eXtreme Science and Engineering Discovery Environment (XSEDE).