Jump to main content

Microsoft and neptun two-factor authentication

Many applications, such as banks, have long been using two-factor authentication (2FA) to protect their users from potential fraud. The idea behind two-factor authentication is that, after entering your username and password, you are required to enter the 6-digit code generated by your downloaded authenticator application each time you log in. 

Corvinus is also looking to improve overall system security to defend against IT security attacks. For Microsoft and neptun accounts, user authentication is therefore a mandatory two-step process 

Important: The neptun two-factor authentication, which requires your neptun password, should not be confused with Microsoft/CUSMAN account authentication, which of course requires the CUSMAN password!  

Both neptun and Microsoft account authentication require a separate setup, they are completely distinguished systems, accessed by entering the appropriate password for each account. 

Authenticators 

To enable two-factor authentication, a smartphone is required. You can choose from several authenticator applications, such as: 

Google Authenticator 

NISZ Authentication 

Microsoft Authenticator 

We highly recommend the use of Microsoft Authenticator for two-factor authentication; this is the application used in this guide to demonstrate the general process of setting up two-factor authentication. It is also a convenient solution, as you will need to validate your CUSMAN/Microsoft 365 login from here. 

Please install your preferred authenticator app on your smartphone before you start the two-factor authentication registration process. 

General process for setting up two-factor authentication 

Neptun two-factor authentication 

The first time you log in, when you are already required to use two-factor authentication, you will need to register your smartphone with the authentication app of your choice in your neptun account. Please note that once registered, you will also need your paired smart device for each login to neptun. 

After entering your neptun code and neptun password in the neptun web interface, the following pop-up window will appear on the login page the first time you are required to use two-factor authentication.  

The registration of two-factor authentication can be started by scanning the QR code with the pre-downloaded authenticator app. For Microsoft Authenticator, once opened, clicking on the “+” sign will bring up the Add Account tab, where you can scan the QR code by selecting the “Work or school account” option.  

The 6-digit token (code) will then appear on the main page of the application.  

After entering your neptun password and the token that the authentication application has just generated for your neptun account, the two-factor authentication setup is successful. 

Please note that the validity of the token is always 30 seconds! The application will then generate a new 6-digit number sequence.  

For these reasons, we recommend that you register using one computer and one phone, i.e., two separate devices, so that you do not run out of the 30 seconds! 

From the moment you have registered for two-factor authentication, you will need to enter the 6-digit code currently generated by your authenticator application every time you want to access the neptun interface (as is the case for many other applications). When logging in, after entering your neptun code and password, the following window will pop up, requiring you to enter a token to proceed. 

In the case of an unsuccessful login due to an invalid token, you will have to try again by entering a new token. It is important that you always choose the correct line in the authenticator, i.e., the line with the neptun token, and not the CUSMAN line. 

If you need help 

If you encounter any problem when setting up two-factor authentication and/or logging in to neptun, you can start a new case with your problem via the article “How to set up two-factor (2FA) authentication?” in the “Neptun two-factor identification” menu of the Do It Online! platform. For the article mentioned above, please only start a new case with a problem you have with neptun two-factor authentication. 

Microsoft 365 / CUSMAN two-factor authentication 

The first time you log in to your Microsoft account in any of the applications where you use your university email address (all Microsoft applications such as Outlook, Teams, MyCorvinus app and MyCorvinus Hub), you will need to register a second authentication mode. 

You can choose from the following secondary authentication methods (for Microsoft account only):  

  • downloading an authenticator app (recommended) 
  • confirmation code sent by SMS 
  • identification by telephone 

The authentication mode must be selected and configured once. After that, for each new login, and after 30 days at the latest for accounts that are left logged in, you will need to enter a numeric code as a second step after the email address and password, which you will receive either in the app or via SMS (depending on your choice). The only time you will not need a second step to log in is if you wish to connect from the university network (i.e., connected to the buildings’ Wi-Fi or the university’s VPN network).  

During the setup process, the system guides all users through each step, but to be on the safe side, we have also included a short guide to the setup. Microsoft’s description of the service is available here. 

If you need help 

If you encounter any problem when setting up two-factor authentication for your Microsoft account, you can contact the IT Helpdesk (ithelpdesk@uni-corvinus.hu) for help. Please only contact this e-mail address if you have a problem with Microsoft/CUSMAN two-factor authentication.

Frequently asked questions (FAQ) 

Frissítés dátuma: 2024.06.21.

What is two-factor authentication? 

Two-factor authentication (2FA) is a security setting that adds a second layer of protection to your user account, ensuring that only you can access your neptun/Microsoft account. Two-factor authentication is a combination of two different pieces of information, the pair of which allows you to access the system. The first element is always the login with a username and password, followed by a dynamically variable element called the 2FA token. You will always be able to access the token from the authenticator app downloaded on your smartphone. 

Why is two-factor authentication necessary? 

Two-factor authentication is needed to keep your data as secure as possible, because even if your account password is compromised in a cyber-attack, they cannot access your neptun, emails, documents, cloud services or even Teams messages, as one more step is needed to verify your identity 

Who does the mandatory neptun two-factor authentication apply to? 

The mandatory two-factor authentication of neptun applies to all newly admitted, conditionally admitted, active and passive students. 

If you have already graduated, you will no longer be subject to the compulsory requirement, but you can continue to use it as an option. 

If you do not have a smartphone for neptun authentication 

If you do not have a smartphone, you will need a computer to proceed the authentication. Depending on the operating system of your computer, you will need to download the following application:  

Please note that in this case, you will only be able to log in from the computer running the code generator, so we strongly recommend using your smartphone instead. 

To set up FortiToken on a computer for neptun authentication, proceed as follows: 

Once downloaded, install FortiToken on your computer. Once the installation is complete and you have opened the application, you can start the registration process by clicking on the “+Add” button at the bottom right of the interface.  

The “Account Name” field can be named anything you like (e.g. your neptun code), this will be the name of the key in the application. In the “Key” field, enter the string that you will find in the neptun registration window when you click on the “Show code” button in the panel. In the “Category (Fortinet or 3rd party)” field, select “3rd Party” 

In the FortiToken application, after filling in the missing cells, click on the “Donebutton in the bottom right corner of the interface. 

After that, the 6-digit token (code) will appear on the main page of FortiToken, which you will need to enter in the neptun registration window together with your neptun password. After this step, the two-factor authentication setup is successful. 

I have lost/replaced my smartphone, what should I do? 

If you have lost/replaced the smartphone that was running the authenticator, you will no longer be able to log in as the two-factor is linked to your old phone; you will need to restart the registration process. We are the only ones who can cancel your authentication, so please be sure to let us know via the following ways: 

For Microsoft 365 / CUSMAN authentication: please contact the IT Helpdesk (ithelpdesk@uni-corvinus.hu) to invalidate the two-factor authentication of your Microsoft account. 

In case of neptun authentication: please start a new case via the Do It Online! interface under the Neptun two-factor identification menu item at the “Report a lost/replaced smartphone” article. 

Once you report the absence/replacement of your smartphone, the two-factor identification is centrally deleted to prevent unauthorised access via your smartphone. 

Please do not leave the request to the last minute, as colleagues can only receive the request and carry out the deletion during weekday working hours. 

Important: Once 2FA authentication has been deleted from your accounts, you must immediately set up new authentication on another smartphone to keep your data protected. When re-registering, you must delete the previous accounts in the authenticator app. To delete the previous key, click on the code running in the authenticator app that you want to delete and follow the steps needed to delete the account. 

My neptun registration failed, what should I do? 

If the two-factor registration in neptun fails and you have already closed the QR code window, but the corresponding account has already been created in the authenticator app, make sure to delete the previously created code account in the authenticator app before re-registering. This is important because the code account created during the failed registration is not valid and you will not be able to use it again. 

How to install neptun authentication on multiple devices?

If you want to register your account for multiple smart devices, all you have to do is scan the QR code that pops up in neptun with all the devices you want to use for authentication in the future, and then enter the token generated by one of them (all devices must generate the same token!). Please note that you must download the authenticator app of your choice for all smart devices you want to authenticate with, and you have to perform the registration simultaneously with all devices. 

Will I still be required to use neptun two-factor authentication if I am no longer a student?   

After your student status ends, you will still be able to use the neptun two-factor identification, but you will no longer be required to do so. This means that you have the option to deactivate the authentication, which you can do by going to your neptun account and clicking on the “Two-factor authentication” tab under My Data -> Settings. However, in order to protect your personal data, we recommend that you keep two-factor authentication enabled in your account even if you are no longer a student. 

How does neptun two-factor authentication affect course and/or exam registration? 

The course and exam registration are done in the same way as before, but please note that you will have to enter the generated token at the end of the waiting time (if there is no free space on the server) when logging into neptun. 

When entering the token, neptun identifies the code as invalid, even though there was no typing error when entering the token; I am sure I entered the correct code from the application 

The generation of the 6-digit token is time-sensitive, so it can take as little as half a minute for the computer and the paired smart device to be detected as invalid. This results in mismatching codes and the same message being displayed as if a typing error had occurred.  

Examples of this problem are when the clock on at least one of the devices is set to a different time zone / is running even half a minute early or late / has not been updated after daylight saving time, etc.  

Therefore, please make sure that the device you want to log in to neptun/Microsoft and the paired smartphone running the authenticator show the exact same time. You will be able to update the date and time on your phone or computer in the Settings menu of your device. 

If you have a special character in your neptun password (e.g. ‘ ” + ! # etc.), please change your password using the Forgotten password function. Please set a password without any special characters. 

In this case, it is advisable to restart the whole setup and delete the registration from the authenticator. 

Special character in the neptun password 

If you have a special character in your neptun password (e.g. ‘ ” + ! # etc.), please change your password using the Forgotten password function. Please set a password without any special characters. 

Copied to clipboard
X
×
GEN.:2024.07.15. - 03:13:31