Jump to main content
Back to news

Neptun’s two-factor identification must be set!  

2024-04-09 16:23:00

We want to make sure that your student data is as secure as possible, so we are introducing two-factor authentication in Neptun. Until 29 April, it is voluntary to set up, but from 30 April it will be mandatory and centrally adjusted.

Many applications, such as banks, have long used two-factor authentication to protect their users from potential fraud. In the wake of recent IT security incidents, Corvinus is also looking to improve overall system security. User authentication when accessing the Neptun web interface will become a mandatory two-factor process from 30 April 2024. Until the deadline, you will be able to set up your own identification in Neptun on a voluntary basis. It not only protects your IT systems, but also your personal data, preventing you from falling victim to phishing and other scams. 

Important: Neptun two-factor authentication should not be confused with the Microsoft account authentication, which requires your CUSMAN password. Neptun account authentication requires a separate setup with your neptun password, with which we will help you with in the following sections of this guide. strong

The authentication process 

A smartphone is required to enable two-factor authentication. You can choose from a variety of authenticator apps, such as Google Authenticator (download here for iOS and here for Android) or the built-in 2FA code generator for Apple (more information here). 

 

From the selection, we highly recommend using Microsoft Authenticator for two-factor authentication; in this guide, we also use this application to show you how to set up two-factor authentication in general. 

Depending on the operating system of your smartphone, you can download Microsoft Authenticator from the following places: 

Please note that from April 30, two-factor authentication will be mandatory for all active and passive students in the neptun system, therefore from now on a paired smartphone will be required for all logins; and after entering the neptun code and password, the generated 6-digit token from Microsoft Authentication will also be required.  

The voluntary setup of two-factor identification (until 29 April) is as follows:

When logged in to your Neptun account, you can access the authentication setup by going to My Data -> Settings and clicking on the “Two-factor authentication” tab. 

Click on the “Setup” button to start the two-factor authentication registration by scanning the QR code appearing in the pop-up window. After opening Microsoft Authenticator, clicking on the + sign will bring up the Add Account tab, where you can scan the QR code by selecting the Work or school account option. 

If you are having trouble scanning with the camera, you can set up your school account manually. 

To do this, as in the previous version, you can manually add a school account by clicking on the “+” sign in the application under the Add Account tab and selecting the “Sign in” option. In this way, you can add your account to Microsoft Authenticator by logging in with your student email address @stud.uni-corvinus.hu and your NEPTUN password. 

The main page of the application will then display a 6-digit token (code) which, when entered with the NEPTUN password, will successfully set up the two-factor authentication. 

Please note that the validity of the token is always 30 seconds! The application will then generate a new 6-digit code.

Registering and logging in to neptun after the switch to mandatory two-factor authentication (from 30th April 2024):

AIf you log in to the neptun web interface for the first time after the central switchover to two-factor authentication (i.e. after 30 April), after entering your neptun code and password, you will need to register your smartphone with the QR code that will appear in the pop-up window to authenticate two-factor authentication. After opening Microsoft Authenticator, clicking on the “+” sign will bring up the Add Account tab, where you can scan the QR code by selecting the “Work or school account” option.

From the moment the two-factor authentication have been registered, as is the case with many other applications, you will need to enter the 6-digit code generated by the Microsoft Authenticator application every time you log in to the neptun interface.

If you are unable to log in due to an invalid token, you will need to try again by entering a new token. 

If you need help 

If you encounter problems when setting up two-factor authentication and/or logging in to Neptun, you can start a new case with your problem via the article “How to set up two-factor (2FA) authentication?” in the Neptun two-factor identification menu of Do It Online! 

Please only open a new case with Neptun 2FA identification-based problems. If you have a problem authenticating your Microsoft account, please contact our colleagues at ithelpdesk@uni-corvinus.hu.

Frequently asked questions 

Update date: 19.04.2024 1:30 p.m.

If you do not have a smart phone  

If you do not have a smartphone, you will need a computer to proceed the authentication. Depending on your computer’s operating system, you will need to download the following application:  

Please note that in the case of this solution, you can only log in to Neptun from the computer running this code generator. 

To set up FortiToken on a computer, do the following: 

Once downloaded, open the FortiToken application and install it on your computer. When the installation is complete, click on the “+Add” button at the bottom right of the interface to start the registration process. 

The “Account Name” field can be named as you wish (e.g., Neptun code), this will be the name of the key in the application. In the “Key” field, enter the string that you will find in the Neptun registration window when you click on the “Show the code” button in the panel. In the “Category (Fortinet or 3rd party)” field, select “3rd party”. 

After completing the missing cells, click “Done” in the bottom right corner of the interface. 

 

The main page of the application will then display a 6-digit token (code) which, when entered with the NEPTUN password in Neptun, will successfully set up the two-factor authentication. 

I have lost/replaced my smartphone, what should I do?  

If you have lost/replaced your smartphone with the authenticator running, you must report this to us by opening a new case under the “Report a lost/replaced smartphone” article of the Neptun two-factor identification section of Do It Online!. Once you have started a case, the two-factor authentication will be centrally deleted from your Neptun to prevent unauthorised access to your account using your lost smartphone. 

Important: Once the Neptun two-factor identification authentication has been deleted from Neptun, you must immediately set up a new authentication with another smartphone to keep your account protected. When re-registering, the previous account in the authenticator app must be deleted. 

How can authentication be installed on multiple devices?  

If you want to register your account on multiple smart devices, simply scan the QR code that appears when you register in Neptun on all the devices you want to use for authentication in the future. 

Will I still be required to use two-factor authentication if I am no longer a student?  

You will still be able to use two-factor authentication after the termination of your student status, but you will no longer be required to do so. This means that you have the option to deactivate the authentication, which you can do by going to your Neptun account and clicking on the “Two-factor authentication” tab under My Data -> Settings. However, in order to protect your personal data, we recommend that you keep two-factor authentication enabled in your account even if you are no longer a student. 

I have not switched to two-factor authentication by the deadline, what will happen? 

The switch to two-factor authentication is voluntary until 29 April 2024, so there are no consequences if you do not switch by that date. However, after the deadline, your Neptun account will be centrally set up to two-factor authentication, therefore it will become mandatory. 

How will the introduction of authentication affect the course and exam registration? 

Subject and exam registration is the same as before, but you will need to enter the generated code at the end of the waiting period when you login to Neptun. 

Why is this change necessary? 

Two-factor authentication is necessary to ensure that your personal data is as secure as possible, and that no unauthorised person has access to your Neptun account. 

I have already done the two-factor authentication for my Microsoft account in the past, what is the need for the current action? 

Previously, you could setup two-factor identification for your Microsoft account by using your CUSMAN password. The current measure is to protect your Neptun account. It is important not to confuse the two identities, you will need to set up different university accounts as two-factor authentication can be set up with your CUSMAN password for your Microsoft account and your Neptun password for your Neptun account. 

When entering the token, Neptun identifies the code as invalid, even though there was no typing error when entering the token; I am sure I entered the correct code from the application

The generation of the 6-digit token is time-sensitive, therefore it can take as little as half a minute for the computer and paired smart device to detect the token as invalid. This results in mismatching codes and the same message being displayed as if a typing error had occurred. 

Examples of this problem are when the clock on at least one of the devices is set to a different time zone / is running even half a minute early or late / has not been updated after daylight saving time, etc. 

Therefore, please make sure that the device on which you want to log in to Neptun and the paired smartphone running the authenticator show the exact same time. 

Who does the two-factor authentication apply to? 

Mandatory two-factor identification applies to all active and passive students. If you have already obtained your absolutorium, you are no longer subject to mandatory identification. 

Copied to clipboard
X
×