One way to increase the security of computer systems is to use multiple factors for authentication. Typically, this will be two factors and follows the pattern of authenticating with a "knowledge" factor, which is something you know, like a password, and a "possession" factor, which is something that you have. The latter is typically a key or one time password often generated by a device. In the near future we will be implementing a two factor authentication system for the HPC resources. The technology that has been chosen is called Duo from Duo Security. This is the same technology that was deployed for the University of Iowa Employee Self Service site.
We are currently kicking off a pilot of two factor authentication. If all goes well in the pilot then all HPC users will be required to authenticate with two factor authentication. More information will be coming shortly. If you would like to participate in the pilot please send a note to HPC-Sysadmins
There is an ITS Duo support site that has all of the information that you will need to get enrolled for using Duo. Please direct all questions regarding enrollment to the ITS Help Desk, whose contact information is listed on the Duo support site. The most convenient method for managing Duo, particularly on the HPC systems, is via Duo's app for smartphones. There is support for all, or most, types of smart phones; see this page for more information.
Once you are enrolled in Duo you are ready to use it on the HPC systems. Usage is fairly straight forward and is very similar to what you may be accustomed to with Web sites, such as the UIowa Employees Self Service site. All of the authentication methods are supported however, given that the HPC systems are shell systems, theĀ duo-push method is very convenient for automation.