Overview of legacy two-factor authentication (2FA) at TTU


Introduction

No one at Texas Tech University or from anywhere else should ask for your password.

TIP: A short URL (askit.ttu.edu/2fa) is in place which redirects to this content.

Two-factor authentication (2FA) is an additional layer of security added to the authentication process. The purpose of 2FA is to ensure you are the only person who can access your account, even if someone knows your password. At TTU, the legacy 2FA service requires that, in addition to your eRaider username and password, you enter a code that is sent to you via SMS text message or a voice call. 2FA is required to access certain high-security web resources.

This feature is referred to as "legacy" 2FA to differentiate it from modern methods, such as Microsoft multifactor authentication, that are being added to TTU IT services.

Explanation

How it works

After you authenticate with your username and password, you will be prompted to receive a verification code via a voice call or SMS text message to the number already entered into your contact information within the eRaider Account Manager.

Texas Tech verify your identity page with the voice call and text message fields outlined and the continue button highlighted

Once the code is received, it can be used to access the eRaider-authenticated site.

enter the verification code field underlined with the verify button highlighted

NOTE: In order to maintain an eRaider account, it is necessary to have a contact number capable of receiving either text messages or automated voice calls. There are no alternatives to this policy. For more information, please view our list of ideas for fulfilling the requirement for an eRaider contact phone number.

Add more protection

If you would like additional protection for your account, you may opt in to 2FA for additional eRaider authenticated web resources. This enables legacy 2FA for all sites which use eRaider Web Sign-in (eRWS).

NOTE: Some services may authenticate using your eRaider username and password but not using eRWS technology, such as domain authentication to a Mac or Windows PC, Shibboleth, and Microsoft 365. Opting in to 2FA for additional sites will not affect your sign-in process for such services. Please contact the administrator of the service or website for additional information.

Info for website administrators

From a technical perspective, legacy 2FA can be set as required for any website which uses eRWS. Interested administrators of applications may submit a request for review.