The University of Arizona

Frequently Asked Questions - NetID+ (Plus)

 
UA NetID+ (Plus) uses two types of authentication to verify your identity: your UA NetID login/password, and an authentication code. NetID+ is an optional service for UA employees and students that provides additional security when logging on and enables university systems to verify user’s identities with more certainty. This is especially important for protected and sensitive systems such as UAccess, D2L, or VPN.

Dual or Two-Factor Authentication is where users must authenticate twice to access a system or application. Once the opt-in process is completed, users can enable the 'Global NetID+' setting, which will enforce second-factor authentication for all sites utilizing UA WebAuth or Shibboleth authentication services for login – such as CatMail, D2L, and UAccess. In addition, two-step authentication can help protect your UA account should someone else learn your password.

 
There are three options available for receiving authentication codes:
  • Free Duo Mobile app on your Smartphone, Tablet, or iPod (Apple Store or Google Play)
  • SMS text messaging or through a phone call using a landline
  • Hardware token using YubiKey (purchase of YubiKey required)

The Duo Mobile Authenticator app is one method users can employ to complete their two-factor authentication. Duo does not use an authentication code, instead it uses push notifications on the Duo-enabled device to request that the user verifies and confirms an authentication attempt in real-time. Duo Mobile and NetID+ are connected via Internet and periodically require a WiFi or Data connection. Duo is available on the app stores of iOS, Android, BlackBerry and Windows Phone devices.

 
Users who do not have a data connection or are overseas without the ability to receive SMS messages will not be able to receive the authentication code in real time. Instead, they should anticipate their need for access to university systems and can request a list of 10 authentication codes which can be used in lieu of an instantly generated authentication code. For more visit the NetID+ service page.
When you are prompted for a second authentication using NetID+, you can select the 'Remember this device for 30 days' checkbox. By selecting this option, you will not be prompted for a second authentication for 30 days. After the 30-day period, you will once again be prompted for a second authentication.
  • This feature currently applies to UA WebAuth and OWA services.
  • 'Remember Me' must be enabled on each computer/device/browser you log in with. In addition, if you clear your browser’s cache, the 'Remember Me' will need to be enabled again. 
  • 'Remember Me'is not a feature that can be added to the VPN Client.
  • NetID+ is currently enabled on Outlook Web App (OWA) and some Virtual Private Networks (VPN). 
  • All members of the CIO/UITS/Information Security departments are required to sign up for NetID+ by March 1, 2015. 
  • Faculty, staff, and students will be required to sign up for NetID+ by April 30, 2015 to access the campus VPN.
  • Research computing HPC/HTC systems require NetID+.