What changes with two-factor authentication?

The system is transitioning from single-factor authentication (username and password only) to Multi-Factor Authentication (MFA). This means that, to log in, you will need to confirm your identity using at least two distinct methods.

What are "Authentication Factors"? A factor is a piece of evidence proving your identity. In cybersecurity, these are divided into the following categories:

• Something you know: Username and Password (considered together as a single factor).
• Something you have: Your smartphone or a device used to generate a code (e.g., an OTP from the IDP app).
• Something you are: Biometric data, such as a fingerprint or facial recognition.

How to log in successfully: To meet the new security requirements, you can use one of the following combinations:

✅ University Credentials + OTP: By entering your username and password (1st factor) and the OTP code generated by the app (2nd factor), your authentication is valid. ✅ Level 2 SPID or CIE (or higher): These systems natively require two factors (password + temporary code/app), therefore they fully meet the security requirements of the University of Brescia.

⚠️ Please Note: ❌ Level 1 SPID or CIE: These are not accepted. Since they only require a username and password (a single factor), they do not guarantee the required level of security.