In Castor, you can configure two-factor authentication (2FA) for your account. This means that, upon login, you will have to enter an extra authentication code generated by the Google Authenticator app on your phone or tablet. This adds an extra layer of security to your Castor account - potential attackers will need not only your account details, but also your physical device with the Google Authenticator to be able to access your account.
To enable 2FA, first make sure that the Google Authenticator app is installed and updated on your phone/tablet. In Castor, go to 'Account Settings' by clicking on your user name in the top right corner) and scroll down to the 'User details' section. Select 'Yes' in the 'Enable Google Authenticator' section. A QR code will be displayed - you need to scan this code in the Authenticator app on your device or manually enter the provided key:
Once you have scanned the QR code or entered the key, Google Authenticator will display a 6 digit code, enter this code into the field and click 'Configure'.
Once configured, CastorEDC will appear in your Google Authenticator app. Every time you log into Castor, you will need to provide the 6-digit code generated in the Authenticator app.
Two-factor authentication is account-based and not study-based.
We can enforce 2FA and/or 90-day password rotation for email domains for your institute. If interested, submit a request here.
When receiving a new device or in case a device was lost, it is necessary to move the authenticator app to a new device or disable it completely by accessing the Google's two-step verification Web page and modifying the settings there, as you first need to verify your new device within the Google Authenticator app. More information can be found on the Google Account Help page: Using a new phone to receive 2-Step Verification codes
Please note: Changing the 2FA setting in your account to no does not deactivate it completely. You will not be able to regenerate the QR-code when you set it back to 'Yes'. If you run into a problem with deactivating your 2FA please contact us.