Date: September 30, 2024
Teruhisa Hochin, Chief of Information Security Officer
[Important] Implementation of Multi-Factor Authentication for Email and Its Mandatory Use – Effective November 1, 2024
To prevent unauthorized access through impersonation and to enhance security, we have implemented multi-factor authentication for the email service. Please enable and make use of this feature right away.
From the implementation date below, multi-factor authentication settings for all email services will go into effect. We would like to encourage everyone to begin using multifactor authentication at their own pace prior to this date, to familiarize themselves with the process.
Mandatory Multi-Factor Authentication for Email Services
- Implementation Date: November 1, 2024 (Friday)
- How to Use Multi-Factor Authentication: [Link to instructions in English]
https://info.cis.kit.ac.jp/wiki/pages/viewpage.action?pageId=125567660&scmLanguageKey=en
Important Notes:
- After the November implementation date, multi-factor authentication will be required when logging into email software and webmail from external (non-KIT) networks or eduroam.
- If you do not use email from external networks or eduroam, you do not need to configure multi-factor authentication.
- Multi-factor authentication does not apply when accessing email from the university’s internal network (excluding eduroam) or while connected via VPN. In these situations, continue to use your ID and password as before.
- For persons using the administrative email address (@jim.kit.ac.jp), multi-factor authentication has already been enabled.
- Currently, there are restrictions on sending emails from external networks, but these will be lifted around mid-November after multi-factor authentication is implemented. Further information will be provided as it becomes available.
Multi-Factor Authentication Steps:
Whether you are using webmail or email software when accessing email from external networks or Eduroam, first, log in to your webmail account using your ID and password. You will then need to enter a single-use password to complete authentication. You can obtain this single-use password either by installing a dedicated smartphone app or through another of your email addresses.
Multi-factor authentication is valid for 14 hours. To exceed this, log in to your webmail account again after 14 hours to re-enable multi-factor authentication. KIT has encountered numerous incidents of phishing and other cyberattacks that resulted in the theft and misuse of login IDs and passwords. These compromises led to the sending of spam emails. By implementing multiple authentication factors, we aim to enhance security and minimize the risk of unauthorized access and impersonation.
Relying solely on passwords for security has become increasingly challenging. We appreciate your understanding and cooperation in this matter.
For inquiries, contact the Center for Information Science
Online: https://helpdesk.cis.kit.ac.jp/
For Specific Breaches: “Having trouble with a system?”
For Other Issues: See “Get assistance with general IT problems and questions.”