Two-factor authentication (2FA) will prompt you to enter a one-time passcode provided via text message, a mobile authenticator app when you log in from personal devices. (An example is at the end of this article). In the event that your password is compromised, this adds an extra layer of protection that is more difficult to bypass.
Contents:
- Log In and Verify Your Email Address
- Enrolling a Mobile Phone for SMS (Text Message) Passcodes
- Removing a Mobile Phone Number from your Account
- Enable a Mobile Authenticator (Optional)
- Enable 2FA for your Account
- Verifying OTP Delivery Methods
- Example of Logging In with 2FA
Log In and Verify Your Email Address
Follow the steps below to enroll:
1. In a web browser, navigate to https://login.whccd.edu
-
Enter your WHCCD Username
-
Enter your WHCCD Password
-
Select Login
-
Select Registered Email Address
-
Verify that your personal email address is correct. If it is incorrect, select Change my email and enter your new address. You’ll be sent a one-time passcode to that address to enter for verification.
Note: This must be a non-West Hills email address. This email provides an alternate way to receive a passcode should your phone be inaccessible for any reason, or if you need to reset a forgotten password (in which case you would not be able to access your WHCCD email address to retrieve the code).
Enrolling a Mobile Phone for SMS (Text Message) Passcodes
If you would like to enroll your mobile number to receive SMS (Text Message) passcodes, follow the steps below. Otherwise, you may enroll via a mobile authenticator app here.
1. Select Registered Phones
2. If your phone is not listed, select Add new phone
If your phone is already listed, proceed to the Enable 2FA section below.
3. Enter your current WHCCD password.
4. Select Continue
5. Enter your 10-digit phone number.
6. Select Continue
7. Enter your One Time Passcode (OTP) that you receive via SMS.
8. Select Continue
9. Select Refresh the account management page. This is important, because otherwise you will receive an error when you attempt the next step.
You are now ready to proceed to the Enable 2FA section below.
Removing a Mobile Phone Number from Your Account
If you no longer wish to receive two-factor codes via a mobile number, you can remove it from your account with the instructions below.
-
From the Account Management page (https://login.whccd.edu) click on Multi-Factor Delivery Methods
-
Check to see if Website Login or Password Reset is currently set to Phone. If so, these must be changed to another method prior to removing your phone number.
-
If one of them is set to Phone, click Change next to that action.
-
Select a new OTP method
-
Click Continue
-
Expand Registered Phones
-
Click Remove next to the phone number you wish to remove
-
Enter your Password
-
Click Continue
10. Click OK.
Your number is now removed.
OPTIONAL - Enable a Mobile Authenticator
A mobile authenticator can be used in place of SMS for obtaining the One Time Passcodes. Instructions for mobile authenticator enrollment follow:
Examples of mobile authenticators are Google Authenticator, Microsoft Authenticator, and Duo Authenticator. Some password managers also support one-time passcodes.
These steps must be done from a computer or other device so that an on-screen barcode can be scanned with your mobile device.
-
Click Mobile Authenticator.
-
Click Enable Mobile Authenticator.
-
Choose your phone type in the dropdown menu.
-
Enter a description of how the account will appear in the mobile authenticator app. You can leave the default.
-
Click Continue.
-
Scan the barcode with your mobile authenticator app
-
Enter the passcode shown in your authenticator app to confirm a successful enrollment.
-
Click Continue.
9. Click Refresh the account management page link. This is important because otherwise, you will receive an error when you attempt the next step.
You are now ready to proceed to the Enable 2FA section below.
Enable 2FA
1. Select Enable/Disable Muilti-Factor
2. Select Enable Muilti-Factor for my account
3. Enter your WHCCD password
4. Select Continue
5. Select OK to continue.
6. Confirm that Multi-Factor has been enabled.
Verifying OTP Delivery Methods
1. Expand the OTP Delivery Method field
2. Verify that the method next to Website Login is set to your preferred authenticator. This can be via email, phone (text message), mobile authenticator, or YubiKey, depending on your preference. If it is not, click Change, select your preferred authenticator from the dropdown, and click Continue.
Logging in with 2FA
The next time you log in from a browser off-site, you will see the following login prompt after submitting your username and password. The additional One Time Passcode field will appear, in which you'll enter the code received via text message.
Optionally you can choose to remember this device so that One Time Passcodes are not required from this browser in the future. Remembered devices expire every 30 days.
Comments
0 comments
Article is closed for comments.