[Eril-l] 2-step verification from Atypon

Loder, Julie L julie.loder at Vanderbilt.Edu
Thu Sep 7 08:36:12 PDT 2017 

Hi,

Is this an optional setting for publishers?  I am wondering because I have logged into several Atypon powered admin sites to get usage in the last couple of weeks and have not encountered this. I have also moved between administrative options. Maybe only certain publishers are doing this?

Thanks for bringing this up.  If I had encountered it, it would be frustrating for us too.  More than one person may need to access the admin account.

Julie

From: Eril-l [mailto:eril-l-bounces at lists.eril-l.org] On Behalf Of Gail Fraser
Sent: Thursday, September 7, 2017 10:22 AM
To: Mark Winek <mdw65 at georgetown.edu>; eril-l at lists.eril-l.org
Subject: Re: [Eril-l] 2-step verification from Atypon

It doesn’t work well at all for an institutional Admin account. I set up the accounts but someone else retrieves the use statistics. Now all the functions are locked to my personal cell phone.

Gail Fraser

Gail Fraser
Manager, eResources Access & Maintenance
Dalhousie University Libraries – Resources
Kellogg Health Sciences Library, Dalhousie University
5850 College St., P.O. Box 15000
Halifax, N.S. Canada B3H 4R2

(902) 494-1670 | Fax (902) 494-3750
Gail.Fraser at Dal.Ca<mailto:Gail.Fraser at Dal.Ca>

From: Eril-l [mailto:eril-l-bounces at lists.eril-l.org] On Behalf Of Mark Winek
Sent: Tuesday, September 05, 2017 8:28 PM
To: eril-l at lists.eril-l.org<mailto:eril-l at lists.eril-l.org>
Subject: [Eril-l] 2-step verification from Atypon

Dear Collective Wisdom,

After logging into a few publisher sites hosted by Atypon, I noticed that I'm being prompted to set up 2-step verification at every turn. I can log in to my administrative account, but if I attempt to go to any other pages (such as to update IP addresses), I have to input my mobile phone number to receive a one-time code via SMS. It gives me the opportunity to remember my computer for 30 days (no doubt by cookie).

While I usually applaud these types of efforts, I'm wondering how you have dealt with this from an institutional point of view. Since I'm not the only one at my institution accessing the administrative accounts, I would have to ask my staff to use their personal mobile phones to run 2-step verification when the log on (since our desk phones don't take SMS). And if any one of them can verify by SMS, what's the added security of 2-step verification offering?

Thanks,
Mark

Mark D. Winek
Unit Head, Electronic Resources & Serials
Georgetown University
Joseph Mark Lauinger Memorial Library\
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eril-l.org/pipermail/eril-l-eril-l.org/attachments/20170907/01e8ea42/attachment-0001.html>

More information about the Eril-l mailing list