Password management and two-step verification

According to the new mandatory user password management policy, access to University of Pécs (UP) IT services is only allowed with a password that complies with the new policy, which requires UP user accounts to use passwords with a minimum length of 12 characters (mandatory elements: uppercase, lowercase, number, special character; with the last 10 passwords not being repeated).

Two-factor authentication was made available with Neptun version 2023.2 and will be mandatory for all faculty users to use for Neptun login from 31 August 2023.

 

Managing passwords

The central electronic password management support system is available at https://password.pte.hu

The new mandatory user password management policy sets the password expiry date at 180 days (90 days for lecturers), which means that after this time, users will not be able to access UP systems until they change their password. The user will be notified of the password expiry 14 days before the expiry date by e-mail and in the Windows notifications on the domain computers.

Before changing your password, please make sure to forget your wifi connection on your IT devices to avoid locking your access privileges.

You can conveniently perform the password change in the following ways:

  • Via https://password.pte.hu, the electronic password management support system

  • Using the Change Password command from the menu that appears when you press Ctrl+Alt+Del on your domain computer connected to the University wired network (if you are using a personal domain profile)

  • As aa lecturer, in the Neptun system

 

Using PTE Central Authentication, you can access a number of university IT services with your username (Neptun/EHA code) and password, which will be affected by the change. The completed password change will be completed with a synchronization with the UP's M365 system, whereby the change will be applied in M365 environments (e.g. Exchange Online, Teams, SharePoint, OneDrive, etc.).

These processes take some time, so please wait a few minutes after the password change before identifying yourself anywhere in UP systems.

IMPORTANT!

Please note that after changing your password, you need to change the passwords saved on your devices (e.g. eduroam wifi, Teams, Exchange client).

Saved passwords may cause the user account to be locked out, so you will not be able to access UP systems until the account is unlocked, which you can also do at https://password.pte.hu.

If you encounter a problem changing your password, please contact the UP IT Help Desk (0-24).

 

Using password.pte.hu

To use the central password management system, it is essential to use the default phone number registered in your Neptun account and to select the appropriate function. Most functions do not require logging in to the site.

Password Manager

If you are a new user, you can set your password by using the Setting a new first password function. If your mobile number is not registered in the Neptun database by default, you can request a password (token) by email from the Faculty's Registrar’s Office (for students) or the IT Helpdesk (for staff).

 

The Change a forgotten password or unlock a locked account function is used in two cases:

  • if you have forgotten your valid password; or

  • your account is locked ("Your access privilege has been temporarily disabled." error message)

The use of this function requires a password change.

 

The Change expired password function allows you to change a password that has expired after 180 days (90 days for lecturers). The login name (EHA or Neptun code) is required to use this function, and the expired password must be entered.

 

The Change password function is used if you want to change your existing password that has not expired, e.g. for privacy reasons. To use this function, you must log in to the site and enter your current password and mobile phone number. After logging in, you can use the Register mobile number function to change or delete the phone number used for identification.

 

Two-step Verification

If you see an error message regarding multi-factor authentication not in your Neptun account, but your M365 accounts (Teams, Moodle, Outlook etc.), the problem is not with your two-factor authentication, but the so called MFA authentication. You can find information about MFA on the website of the Directorate for Information Technology.

Two-step Verification means that, in addition to the login name and password pair, a unique code generated by a separate authentication application is required to access the Neptun web interface.

  • Authentication apps can be installed on a mobile phone, the recommended authentication app is Microsoft Authenticator. For more information on how to download and install the Microsoft Authenticator app, please follow this link.

  • If you do not have a smartphone, you can also use the FortiToken Windows application installed on your computer as an authentication application. You can start downloading the FortiToken app by clicking on this link.

  • You can also use a different authentication app than the above apps, such as Google Authenticator or the NISZ authentication app (for android and IOS), but the preferred and supported apps are Microsoft Authenticator or the FortiToken app.

  • For Linux, an application called Twilio Authy is available, which can be used to register a two-factor key in a similar way to FortiToken, and will then generate a 6-digit token to identify you on login.

Microsoft Authenticator is compatible with iOS version 11.0 or above, Android version 6.0 or above. Fortitoken is available for Windows 10 version 14393.0 and above.

The authenticator app requires you to register your Neptun account. The registration can be done after logging into the Neptun web interface, under Profile settings, in the Password settings tab. Registration requires scanning the QR code in the already installed application or entering the authentication code generated in the registration interface and the password used to log in to Neptun.

 

The process of registering an authentication application from Neptun is shown below.

  1. Download Microsoft Authenticator or Fortitoken. You can log in to Microsoft Authenticator with the Microsoft ID you used at the UP (username@tr.pte.hu), but the application will create a new account for the Neptun login. The Microsoft Authenticator application M365 account ID will not work when authenticating the Neptun login. Select the "Other account (Google, Facebook, etc.)" option (option 3) when adding an account!

2-faktor - FortiToken      2-faktor - Microsoft

 

  1. In the Neptun web interface, you can start the registration process by navigating to the Two-step verification section of the Profile settings / Password settings menu and then clicking the Setup button.

 

Profile settings

 

  1. After cllicking Setup, a pop-up window will appear:

 

QR code

 

  1. Scan the QR code displayed in Neptun in Microsoft Authenticator. If you have Fortitoken Windows Authenticator installed, enter the 56-digit text code (Show the code) from the pop-up window in Neptun instead of the QR code.

2-factor - FortiToken registration      2-factor - Microsoft registration

 

2-factor - FortiToken code      2-factor - Microsoft code

 

If you create the authentication code using an application installed on a computer (Fortitoken Windows) rather than a mobile application and you use Neptun to log in from multiple computers, you must have the authentication application on each computer. It is then important to save the 56-digit text code associated with the QR code and register your Neptun account with the same code in each installed application.

The 6-digit code generated by the installed application must be entered in the cell under the "Enter code" heading, and the password for the Neptun account - which is also used in the central identification system - must be entered in the field under "Password". Please also make sure that you enter your password correctly, and if you use a more complex password, make sure to enter it first so that the 6-digit token you enter does not expire while you are typing it.

 

  1. After successful registration, the account named University of Pécs will appear in the main menu of Authenticator. If you are logged in with the Microsoft ID you use at UP (username@tr.pte.hu), the account you created separately will also appear. Each time you log in to Neptun, you will be asked to enter the authentication code (token) generated by the application in this account. The authentication code (token) is updated by Authenticator every 30 seconds.
    Attention! In the authenticator application, you can always use the 6-digit code generated by the last account you set up!

2FA code

 

If you are planning to change your device, you may want to temporarily turn off two-factor authentication in Profile settings / Password settings before you do so. In the application installed on the old device, delete the account linked to Neptun. On the new device, create a new account as described above.

If you no longer have access to your old device, or if you encounter problems registering, please contact your faculty’s administrator or the Education Management Office at neptun@pte.hu.