05 June 2024 - IT Security From 03 July 2024: Moodle via VPN
In recent months, the university's Moodle platform has increasingly been the target of attacks, so we are taking additional protective measures. In order to better protect our learning platform, Moodle, from such attacks, access to this service from outside the university network will be protected via a VPN (Virtual Private Network) connection from 03 July 2024. This means that, from this date, you will only be able to access Moodle via our VPN with multi-factor authentication (MFA) if you are off campus. It is important to note that the MFA token must also be set up from within the university network.
Multi-factor authentication (MFA) was introduced at the end of 2023 as a security measure. Since that time, users have only been able to log in to the central VPN, which can be used to establish an encrypted connection to the university's internal network, using a secure login procedure. All users need a time-based one-time password in addition to their username and password and must therefore set up a "token" from within the university network for this purpose. After which, you can access the university network and use protected services, like Moodle, from home or while on the road.
From 03 July 2024: Moodle only accessible in the university network or with VPN
From 03 July, it will only be possible to log in to the Moodle learning platform from within the university network or via a VPN connection. To log in to the VPN, all Moodle users must set up a one-time password generator, called a "token," for multi-factor authentication (MFA). You may have experienced similar procedures, for example, in online banking. Important: The token must also be set up from within the university network, e.g., on the eduroam Wi-Fi network or on one of the computers or workstations at the university.
Changes to using Moodle from 03 July: Token for VPN login required
- From 03 July, Moodle will only be accessible on the university network or with a VPN connection.
- To log in to the central VPN service, you need a time-based one-time password (TOTP) in addition to your username and password.
- The TOTP will be created with a one-time password generator, also called a token.
- When you log in on the VPN client, your time-based one-time password will be displayed by your token (e.g., on your smartphone with an app). You will enter this password as a second factor after entering your username and password.
Please note: Be sure to set up your token in a timely manner in order to be able to use VPN and Moodle when you are off campus from 03 July. This applies to employees as well as all students.
Create and manage tokens
You can set up and manage your token yourself in about 10-15 minutes. For this purpose, the URZ provides the MFA Token self-service platform LinOTP (only available within the university network!).
You can find all how-tos, video tutorials and further information as well as FAQs on the MFA Service Catalogue page.
Should you require assistance, please contact the IT Service (for students) or your IT representative (for employees).
Moodle: Set up your additional factor for a secure login now!
In the coming months, further services will be connected to the MFA service or made exclusively accessible in the university network or via a VPN connection in order to protect all members of the university and their data.