{"id":12146,"date":"2019-03-01T09:33:10","date_gmt":"2019-03-01T14:33:10","guid":{"rendered":"https:\/\/cals.ncsu.edu\/intranet\/?p=12146"},"modified":"2021-01-14T10:35:45","modified_gmt":"2021-01-14T15:35:45","slug":"cals-it-update-two-step-verification","status":"publish","type":"post","link":"https:\/\/cals.ncsu.edu\/intranet\/news\/cals-it-update-two-step-verification\/","title":{"rendered":"CALS IT Update &#8211; Two-Step Verification"},"content":{"rendered":"<div class=\"gmail_default\">\n<p>On Monday, Feb. 25, the Office of Information Technology (OIT) changed the settings within Duo Security and Google Two-Step Verification (G2SV) (<a href=\"https:\/\/go.ncsu.edu\/2fa\" target=\"_blank\" rel=\"noopener noreferrer\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/go.ncsu.edu\/2fa&amp;source=gmail&amp;ust=1551537058777000&amp;usg=AFQjCNF47n-TtiA7R_MAdfPp5ODPNqkUXA\">https:\/\/go.ncsu.edu\/2fa<\/a>) that will allow you to trust your devices for 14 days.<\/p>\n<p>Recently, Google changed its G2SV policy for \u201cDevices you trust,\u201d such as\u00a0your own computer, from 30 days to indefinitely, while Duo&#8217;s \u201cRemember me\u201d\u00a0policy remained at 30 days.<\/p>\n<p>Due to security concerns, OIT was not supportive of an indefinite trust policy and supports a shorter duration for \u201cremember me\u201d and a consistent trust\u00a0policy that will offer end users and the university stronger protection.<\/p>\n<\/div>\n<div class=\"gmail_default\"><\/div>\n<div class=\"gmail_default\">Therefore, the changes that were implemented:<\/div>\n<div class=\"gmail_default\"><span style=\"font-family: tahoma, sans-serif\"><br \/>\n<\/span><b><span style=\"font-size: large\">Google 2-Step Verification (G2SV):<\/span><\/b><\/p>\n<ul>\n<li>The default will be that all web browser sessions will be trusted for 14\u00a0days\u00a0<b>IF<\/b>\u00a0you\u00a0<b>do not log out\u00a0<\/b>of your Google service, clear cache or cookies,\u00a0or change your password, your Google session will remain active for 14 days and you will not have to use a second factor.\n<ul>\n<li>If you log out, you will be asked the next time to 2FA. Many people do log out of Google every day, therefore they will need to 2FA each time they log back in.<\/li>\n<li>The \u201cremember me\u201d checkbox will no longer be available; any login to a Google service will require 2-Step Verification (2fa).<\/li>\n<\/ul>\n<\/li>\n<li>Mobile app logins are unaffected, unless you are using a mobile web browser to access Gmail or another Google service.<\/li>\n<\/ul>\n<\/div>\n<div class=\"gmail_default\">\n<p><b><span style=\"font-size: large\">Duo:<\/span><\/b><\/p>\n<ul>\n<li>The checkbox to \u201cRemember me for 30 days\u201d will change to \u201c<b>Remember me for\u00a0<\/b><b>14 days<\/b>\u201d.<\/li>\n<li>Web sessions that are older than 14 days will prompt for Duo authentication on next login.<\/li>\n<\/ul>\n<p><b>Reminders:<\/b><\/p>\n<ul>\n<li>Do not \u201ctrust\u201d machines that are not in your direct control, such as\u00a0shared computers or kiosks.<\/li>\n<li>Computers should be locked when not in use or left unattended.<\/li>\n<\/ul>\n<\/div>\n","protected":false,"raw":"<div class=\"gmail_default\">\r\n\r\nOn Monday, Feb. 25, the Office of Information Technology (OIT) changed the settings within Duo Security and Google Two-Step Verification (G2SV) (<a href=\"https:\/\/go.ncsu.edu\/2fa\" target=\"_blank\" rel=\"noopener noreferrer\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/go.ncsu.edu\/2fa&amp;source=gmail&amp;ust=1551537058777000&amp;usg=AFQjCNF47n-TtiA7R_MAdfPp5ODPNqkUXA\">https:\/\/go.ncsu.edu\/2fa<\/a>) that will allow you to trust your devices for 14 days.\r\n\r\nRecently, Google changed its G2SV policy for \u201cDevices you trust,\u201d such as\u00a0your own computer, from 30 days to indefinitely, while Duo's \u201cRemember me\u201d\u00a0policy remained at 30 days.\r\n\r\nDue to security concerns, OIT was not supportive of an indefinite trust policy and supports a shorter duration for \u201cremember me\u201d and a consistent trust\u00a0policy that will offer end users and the university stronger protection.\r\n\r\n<\/div>\r\n<div class=\"gmail_default\"><\/div>\r\n<div class=\"gmail_default\">Therefore, the changes that were implemented:<\/div>\r\n<div class=\"gmail_default\"><span style=\"font-family: tahoma, sans-serif\">\r\n<\/span><b><span style=\"font-size: large\">Google 2-Step Verification (G2SV):<\/span><\/b>\r\n<ul>\r\n \t<li>The default will be that all web browser sessions will be trusted for 14\u00a0days\u00a0<b>IF<\/b>\u00a0you\u00a0<b>do not log out\u00a0<\/b>of your Google service, clear cache or cookies,\u00a0or change your password, your Google session will remain active for 14 days and you will not have to use a second factor.\r\n<ul>\r\n \t<li>If you log out, you will be asked the next time to 2FA. Many people do log out of Google every day, therefore they will need to 2FA each time they log back in.<\/li>\r\n \t<li>The \u201cremember me\u201d checkbox will no longer be available; any login to a Google service will require 2-Step Verification (2fa).<\/li>\r\n<\/ul>\r\n<\/li>\r\n \t<li>Mobile app logins are unaffected, unless you are using a mobile web browser to access Gmail or another Google service.<\/li>\r\n<\/ul>\r\n<\/div>\r\n<div class=\"gmail_default\">\r\n\r\n<b><span style=\"font-size: large\">Duo:<\/span><\/b>\r\n<ul>\r\n \t<li>The checkbox to \u201cRemember me for 30 days\u201d will change to \u201c<b>Remember me for\u00a0<\/b><b>14 days<\/b>\u201d.<\/li>\r\n \t<li>Web sessions that are older than 14 days will prompt for Duo authentication on next login.<\/li>\r\n<\/ul>\r\n<b>Reminders:<\/b>\r\n<ul>\r\n \t<li>Do not \u201ctrust\u201d machines that are not in your direct control, such as\u00a0shared computers or kiosks.<\/li>\r\n \t<li>Computers should be locked when not in use or left unattended.<\/li>\r\n<\/ul>\r\n<\/div>"},"excerpt":{"rendered":"<p>On Monday, Feb. 25, the Office of Information Technology (OIT) changed the settings within Duo Security and Google Two-Step Verification (G2SV) (https:\/\/go.ncsu.edu\/2fa) that will allow you to trust your devices for 14 days.<\/p>\n","protected":false},"author":2917,"featured_media":2632,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"ncst_dynamicHeaderBlockName":"","ncst_dynamicHeaderData":"","ncst_content_audit_freq":"","ncst_content_audit_date":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[1],"tags":[],"class_list":["post-12146","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"displayCategory":null,"acf":[],"_links":{"self":[{"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/posts\/12146","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/users\/2917"}],"replies":[{"embeddable":true,"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/comments?post=12146"}],"version-history":[{"count":2,"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/posts\/12146\/revisions"}],"predecessor-version":[{"id":12159,"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/posts\/12146\/revisions\/12159"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/media\/2632"}],"wp:attachment":[{"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/media?parent=12146"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/categories?post=12146"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cals.ncsu.edu\/intranet\/wp-json\/wp\/v2\/tags?post=12146"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}