Eiger Authentication Update, February 2020


Topics:

 

Update Overview

This Eiger update involves an overhaul of our account and login infrastructure. We are replacing our SMS-based (text-based) multi-factor authentication system with app-based multi-factor authentication, the more secure solution. During the update, SMS-based multi-factor authentication (MFA) will be disabled and all linked Google accounts will be unlinked. After the 90-minute maintenance window is complete, all users – including users who typically log in using Google single sign-on or SMS-based MFA – will need to log in to Eiger using the email address and password associated with their account.  

If you previously used SMS-based MFA, or would like to start using app-based MFA: First, download a time-based one time password (TOTP) app of your choice to your mobile phone (see below). Log in to Eiger, then set up app-based MFA following the instructions in Set Up App-Based Multi-Factor Authentication, below.

If you would like to begin or continue using Google Single Sign-On: Log in to Eiger using the email address and password associated with your account, then link your Google account following the instructions in Enable Google Single Sign-On, below. If you need to reset your password, see Reset Password.
Note: If your Gmail address is not the email address associated with your Eiger account, you will not be able to enable Google Single Sign-On.

  

About Time-Based One Time Password (TOTP) Apps

Time-based one time password apps continually generate verification codes that expire after a certain amount of time and which are meant to be used for one login only. The verification codes generated by your TOTP app are linked to your Eiger account, so only you can use them to log in. The temporary and account-dependent nature of such verification codes adds an additional layer of security to your Eiger account. Some examples of free TOTP apps include: Google Authenticator, Symantec, Duo Mobile, and 1Password.

In the previous SMS-based MFA system, you would log in to Eiger with your account credentials, receive a text message containing a verification code, and enter the verification code to complete the login process. With app-based MFA, you would download a TOTP app to your mobile phone and connect it to your Eiger account. TOTP apps generate new one time passwords on a minute-by-minute cadence; every time you log in to Eiger, you would open the app and enter the verification code currently being displayed.

 

Set Up App-Based Multi-Factor Authentication

  1. Download a free TOTP mobile app to your smartphone, such as Google Authenticator, Symantec, Duo Mobile, or 1Password. 
  2. Log in to your Eiger account in a Google Chrome browser window.
  3. Navigate to the My Profile page (Settings > Account Settings).


     
  4. Click Configure in the Multi-Factor Authentication row of the Security section.
  5. Click the Start Configuration button in the pop-up window.


     
  6. Open the app and use it to scan the QR code in the pop-up, or enter the provided text code into the app. The app will save the code and generate a new one-time password at regular time intervals.
  7. Enter the one-time password generated by the app into the MFA Code text field in the pop-up window.
  8. Click the Enable button to finalize MFA setup.

The next time you log in to Eiger, you will be prompted to enter the one-time password generated by your TOTP app.

 

Enable Google Single Sign-On

Note: If your Gmail address is not the email address associated with your Eiger account, you will not be able to enable Google Single Sign-On. 

  1. Log in to your Eiger account in a Google Chrome browser window.
  2. Navigate to the My Profile page (Settings > Account Settings).


     
  3. Click the Enable Google Sign In button in the Security section.


     
  4. Follow the prompts to add your Google account credentials.
    Note: If you are currently signed into Google Drive, Gmail, or a related service, you may not be prompted to enter your credentials.

Once your Google account credentials have been verified, you will be redirected to the Library page. The next time you need to log in to Eiger, select Log In With Google on the login page and enter your Google account credentials.