Two factor authentication is now required by UBIT and CCR.  Users can manage their two factor TOTP (time-based one-time password) configuration by logging onto the identity management portal.  When the user first navigates to the site they are required to login with their CCR username and password.  If the user has "two factor authentication" enabled they would be required to enter their username along with their "Password+OTP." The OTP (one time password) is a code generated in the app the user used when enabling two factor authentication on their CCR account.  CCR accounts can use most time-base one-time password generators; however we recommend Duo or Google Authenticator.  


It is important that users understand that they need to enter their password and OTP together in one string without any spaces or characters such as "+" in between them, or they won't be able to login.  These OTP codes are generated by the app and change every few minutes. 

NOTE: many of the apps (i.e. Google Authenticator and Duo) display the 6 digit code with a space separating the first 3 numbers with the second set.  When logging in to CCR resources, do NOT enter the space.


For example, if my password is: Henry45!

and my new generated OTP is: 123 456

I would enter this in the password field: Henry45!123456





OnDemandColdFrontand LakeEffect (research cloud) all utilize this same login method as they authenticate through the IDM portal.

More info on OnDemand can be found here

More info on ColdFront can be found here
More info on the LakeEffect research cloud can be 
found here




Web portal logins


Some of our other web portals like WebMO, don't specify how to enter the OTP code when logging in.  Users must enter "Password+OTP" in the Password field, as one continuous line with no spaces or characters in between them.  See the example shown above for logging into the IDM portal, OnDemand and ColdFront.

NOTE: many of the apps (i.e. Google Authenticator and Duo) display the 6 digit code with a space separating the first 3 numbers with the second set.  When logging in to CCR resources, do NOT enter the space.




SSH client logins


If a user is using SSH/SFT/SCP to access CCR services, passwords are no longer accepted.  Users are required to use SSH keys.  Please see this article on uploading SSH keys to your CCR account.


More info on using SSH to login to CCR resources for your operating system can be found in the following articles:


SSH for Linux

SSH for Windows

SSH for MacOS