Single Sign On with CAS Service

(※) The authentication seed management page used to set up a new CAS multi-factor authentication can only be accessed from within the university. In addition, it is possible to register from outside the university only for the first time access to the account on the Authentication Seed Display Page when logging in for the first time. If for some reason you lose your settings for multi-factor authentication and find it difficult to come to campus, resetting your authentication seed after verifying your identity will enable you to set it up as your first login. If you need to reset the authentication seed, please attach a photo of your Meidai ID and an ID card (student ID/staff ID, or an official one with a photo) to confirm your identity. (See Troubleshooting Multifactor Authentication CAS)

CAS (Central Authentication Service) is an implementation of the Single Sign On (SSO) (1) service. Nagoya University provides an SSO service through CAS, which allows authentication with a Nagoya University ID and password. With CAS, you can utilize several information services -such as the Nagoya University Portal, NUCT, and faculty database- using only your Nagoya University ID and password. (1) An information infrastructure technology component that allows access to multiple information services with a single ID and password.

Recent developments in information security show that authentication with only an ID and password is not sufficient to ensure security. In response to this, we are preparing a Multi-Factor Authentication CAS which adopts multi-factor authentication (or 2-factor authentication) satisfying the widely-used OATH-TOTP standard, and sequentially migrate the authentication for information services to Multi-Factor Authentication CAS.

In addition to the Nagoya University ID and password, authentication for Multi-Factor Authentication CAS requires an "Authentication Code" which is a 6-digit number that changes at 30 second intervals (see below figure). The Authentication Code is presented on an Authentication Application - which has an Authentication Seed registered - or a hardware token. The hardware token requires additional expenses to purchase, so we recommend you to use the Authentication Application as far as possible.
Note that we recommend the use of Microsoft Autenticator(for smartphones).

See below for how to set up multi-factor authentication.

• Authentication Seed Registration to the Authentication Application
• Trial Run of Multi-Factor Authentication CAS
• Registration of a Hardware Token

Summary of above are also provided as below PDF documents.
Japanese: how_to_setup_MFA-CAS_for_user_ja.pdf
English: how_to_setup_MFA-CAS_for_user_en.pdf

Note: The URL of the Multi-Factor Authentication CAS authentication server starts with "auth-mfa.nagoya-u.ac.jp". (Be careful of fraudulent CAS servers)

Troubleshooting for multi-factor authentication CAS

For a more detailed case study description, please Q&A on multi-factor authentication CAS.

• Accidental deletion of authentication apps or loss of hardware tokens
  (Click here to request initialization if you cannot come to campus.)
  • Backup and recovery of Microsoft Authenticator credentials
  • Authentication Seed Management Page
  • IT helpdesk
  • Authentication seed display page at first login
  • In case of loss of hardware token
• If the authorization code is not accepted
  • Setting up automatic time correction
    • Windows: Right-click on the time in the notification area → select "Adjust date and time" → select "Date and time" → turn on "Set time automatically
    • Android smartphone: Select "Settings" icon -> "System" -> "Date & Time" -> "Specify network time".
  • How to register an authenticated seed to multiple terminals
  • IT help desk (Web-based inquiries)

About the system using multi-factor authentication in Nagoya University

To improve security, Nagoya University has introduced an authentication method that uses multi-factor authentication, such as a one-time password (authentication code), which is a 6-digit number that changes every 30 seconds on multiple systems.-detail

There are multiple systems that introduce multi-factor authentication 、 Since settings are required for each account, if account authentication is managed by another system, it is necessary to set each.

Currently, Nagoya University has introduced multi-factor authentication into the following systems.

• Authentication system described on this page
• THERS account
• Roundcube for Nagoya University Mail System and Integrated server mail
• Multi-factor authentication independently introduced in each system（NSSS）

A collection of video links explaining multi-factor authentication CAS

If you want to use the authentication app for PC / smartphone, please refer to the video below and go to the multi-factor authentication CAS authentication seed management page to register the authentication seed in the app.

• 【movie】Authentication Seed Registration to Microsoft Autenticator(for smartphones)
• 【movie】Authentication Seed Registration to Google Authenticator(for smartphones)
• 【movie】Authentication Seed Registration to WinAuth(for Windows)
• 【movie】Authentication Seed Registration to Step Two(for macOS)
• 【movie】Trial Run of Multi-Factor Authentication CAS
• 【movie】Registration of a Hardware Token

Question and Answer for Multi-Factor Authentication CAS

If you need help, please see the following QA
・Question and Answer for Multi-Factor Authentication CAS

If you could not resolve problem with above Q & A, please ask question to IT Help Desk.