Between October 29 and November 12, 2018, the Payroll and Human Resources (PHR) system will begin using the University of Maryland's Central Authentication Service (CAS), which requires multi-factor authentication. MFA will be required in order to use PHR to access earning statements, complete timesheets, and perform all other PHR tasks.
All UMD and University System of Maryland community members must use multi-factor authentication to log into all university resources that use CAS. Some major systems that use CAS are ELMS-Canvas, ELMS-Canvas, Testudo, Terrapin Express, Box, and library services.
What is multi-factor authentication? Multi-factor authentication requires the use of two of the three authentication factor categories: something you know, something you have, and something you are. This adds a layer of security because hackers will need more than just a password to use your accounts. In order to log in, you will need:
- Your Directory ID and password
Either a mobile device, a hardware token, a phone that can receive voice calls, or a one-time use code (this video playlist shows all of the methods in action)
Here's how to enroll in multi-factor authentication:
Step 1. Enroll a device and a backup device/print one time use codes:
- Mobile device (iPhone, Android, Windows phone, tablet)
- Hardware token
- Phone that can receive voice calls
- One-time use codes
This video shows the setup process for a mobile device:
Frequently Asked Questions
- Terrapin Express
- Library services
- Any other system that uses CAS (Central Authentication Service)
- Enroll a phone that can receive voice calls and use Duo's callback feature.
- Acquire a hardware token that you will need to keep with you. It will generate a single-use six-digit code every time you need to authenticate. Tokens are $20, and they can be purchased at Terrapin Tech (1221 McKeldin).
- Generate one-time use codes.
To enroll using one-time use codes, please go to Terrapin Tech in person. A technician will assist you with enrollment and permissions to print one-time use codes (they will print the first 10 for you). Please remember to generate a new list of one-time use codes before you use your last code. If you run out of codes, you will not be able to log into systems utilizing CAS until you contact the Service Desk to verify your identity. See these instructions to print more one-time use codes. Please protect your codes like you would secure any other important personal information -- keep them in your wallet or in a safe and secure place.