In Castor, you can configure two-factor authentication (2FA) for your account. This means that, upon login, you will have to enter an extra authentication code generated by the Google Authenticator app on your phone or tablet. This adds an extra layer of security to your Castor account - potential attackers will need not only your account details, but also your physical device with the Google Authenticator to be able to access your account.
To enable 2FA, first make sure that the Google Authenticator app is installed and updated on your phone/tablet. In Castor, go to 'Account Settings' by clicking on your user name in the top right corner) and scroll down to the 'User details' section. Select 'Yes' in the 'Enable Google Authenticator' section. A QR code will be displayed - you need to scan this code in the Authenticator app on your device or manually enter the provided key:
Once you have scanned the QR code or entered the key, Google Authenticator will display a 6 digit code, enter this code into the field and click 'Configure'.
Once configured, CastorEDC will appear in your Google Authenticator app. Every time you log into Castor, you will need to provide the 6-digit code generated in the Authenticator app.
Two-factor authentication is account-based and not study-based.
We can enforce 2FA and/or 90-day password rotation for email domains for your institute. If interested, submit a request here.