MFA, or multi-factor authentication, is an electronic identification method that ensures a user is only granted access to an application or website after successfully providing two or more authentication factors. One of the most commonly used MFA factors is the Time-based One-Time Password (TOTP). TOTPs are 6-to-8-digit temporary codes randomly created by mobile authentication apps like Google Authenticator and Microsoft Authenticator. The code is available for a short time after the request, after which it can no longer be used and a new code is generated.
Belnet and multi-factor authentication
Until now, for all the Belnet services to which you log in with your Belnet Personal Login, you had the choice to log in with or without MFA, depending on which IDP you chose. More specifically, this concerns the services Belnet Portal, Domain Name Registration, Belnet Storage, DDoS Dashboard, eduroam, govroam, guestroam and eduGAIN services. From 7 December, only one IDP server will be presented when logging in to these services and this IDP server will automatically use MFA, or not use it, depending on your last setting. The MFA service is now also fully redundant and the database for the TOTP seeds has been equipped with the necessary back-up mechanisms so that, in principle, you only need to create a TOTP seed once.
We notice that, from the implementation of the MFA service up to today, only a few Belnet Personal Login users have activated the MFA service. Because MFA helps to better protect user information and sensitive business data, we would like to strongly recommend the use of multi-factor authentication. You can activate MFA at any time and easily deactivate it later if you wish.
More information about MFA can be found on the technical FAQ pages for the corresponding Belnet services. Instructional videos on how to activate and deactivate MFA will be posted on these pages soon as well.