In an effort to boost security, some sponsors are moving to adopt two-factor authentication for accounts, most notably login.gov and NIH. We have a number of
"institutional" accounts that we use to access information with an admin username and password. The login information is kept in a central spot so that when needs arise within the office, multiple people are able to access as necessary. With two-factor authentication,
the second factor is tied to a phone number or secondary device to authenticate the person trying to access the account. This causes some issues when the person tied to the phone number is out, but also gets complicated with people working from home and devices
or phones not all synchronized.
How are your institutions handling this? Do you know of any best practices for two-factor authentication with shared, institutional accounts?
Thank you,
Amy Moakley
The University of Oklahoma
Research Information Services Coordinator
Office of Research Services
201 Stephenson Parkway Ste.3100
Norman, OK 73019
405-325-6255
405-325-4757 office
405-325-6029 fax