Multi-Factor Authentication in the Skills Hosting Portal

Owned by Joe Robson (Unlicensed)
Last updated: May 14, 2019
1 min read

As part of our ongoing programme of security improvements on our hosting platform, we are updating the sign-in process to require 2-step authentication. 

After entering your hosting username and password, you will be prompted for a one-time passcode which will be sent to you by email.  

Upon successful authentication, an HTTP cookie is stored on the client device for 60 days removing the need to interactively perform 2-step authentication on every login. The HTTP cookie is a valid second factor as it is something the person ‘has’ as opposed to something they ‘know’. 

These improvements are implemented using Microsoft Active Directory Federation Services (ADFS) to provide single sign-on access to our hosting environment. ADFS intercepts requests to URLs for the Hosting Portal, Remote Desktop Gateway and Web Applications, requiring 2-step authentication before granting access to the requested resource.