Skip to content

Multi-factor Authentication

As part of our ongoing commitment to data security and compliance with NIST 800-171 requirements, MFA is now required for users who access Controlled Unclassified Information (CUI) in the wi-hpc cluster, including dbGaP and NBDC datasets.

Quick Start

1. Log into cluster

ssh user@wi-hpc

2. Start the MFA Setup

google-authenicator

When prompted, with Do you want authentication tokens to be time-based (y/n)?, type y to accept.

3. Scan the QR Code

A QR-Code will now appear on your screen, open the Microsoft Authenticator application on your phone, and scan it (blue button in bottom left). A new entry will now appear on your Microsoft Authenticator app.

QR-Code

4. Enter Verification Code

Back in your terminal, enter in the 6-digit code from your device (make sure you refresh by swiping down on the app).

5. Save Emergency Scratch Codes

Emergency Scratch codes will appear in your terminal, make sure to save these somewhere safe (e.g., Bitwarden).

6. Confirm File Location

It will then ask you where to save the .google-authenicator file. This defaults to your home directory, please accept this default with y.

7. Final Prompts

Answer y to all remaining prompts to complete the setup.

8. You're All Set

Finally, you will be setup for MFA on the wi-hpc cluster.

Now, when you login, you will be prompted for a verification code as well as your password (hence MFA).

ssh user@wi-hpc
(user@wi-hpc) Verification code:
(user@wi-hpc) Password:

As always, please see Getting Help if you experience any issues and/or have any questions.

Troubleshooting/FAQ

Why do I need to do this

As part of our ongoing commitment to data security and compliance with NIST 800-171 requirements, we are implementing an important change for users who access Controlled Access Datasets (CAD), including dbGaP and NBDC datasets. We know it's an extra step, but this federal requirement for controlled access datasets helps keep our computing environment compliant and your research data secure. We appreciate your cooperation.

I lost my code in Microsoft Authenticator / I got a new phone

If you deleted or lost your code in your Microsoft Authenticator app, use one of the Emergency Scratch codes to login. Once, logged in run google-authenticator again to regenerate the QR code and overwrite your old config.