merge

src/data/notice.yml

@@ -23,6 +23,7 @@
   date: 2024-02-22
   content:
     ja: "[UTokyo Accountの認証基盤のシステム変更について](/notice/2024/02-utac-auth-improvement)（3月12日実施予定）"
+    en: "[System changes to the authentication infrastructure of UTokyo Account](/en/notice/2024/02-utac-auth-improvement)<br> * 2024-03-06 update: English version added"
 -
   date: 2024-02-22
   content:

src/pages/en/notice/2024/02-utac-auth-improvement.md

@@ -0,0 +1,88 @@
+---
+title: System Changes to the Authentication Infrastructure of UTokyo Account
+---
+
+On 12 March 2024 (scheduled), several system changes will be applied to the authentication infrastructure of UTokyo Account. These changes are intended to make multi-factor authentication, which becomes mandatory for UTokyo Account, more convenient to use. For more information on the mandatory use of multi-factor authentication, please refer to "[Multi-Factor Authentication is Mandatory for UTokyo Account](/en/notice/2024/mfa100-schedule)”.
+
+## More information systems will require `@utac.u-tokyo.ac.jp` when signing in
+{:#require-utac}
+
+When signing in to your UTokyo Account, the 1st screen below used to appear and you could sign in with your 10-digit common ID and password, omitting `@utac.u-tokyo.ac.jp` in some cases. After this system change, more often the 2nd screen below will appear and you will be required to enter your “10-digit common ID + `@utac.u-tokyo.ac.jp`”.
+
+<figure class="gallery">
+    <img src="./yasuda.png" class="border">
+    <img src="./akamon.png" class="border">
+</figure>
+
+※ The 2nd screen is one that has ever been appeared, but the background image and layout will be changed on this occasion.
+
+This change applies to information systems marked with “○” in the [UTokyo Account Service Directory](https://login.adm.u-tokyo.ac.jp/utokyoaccount/ ) (in Japanese). Typical examples are as follows:
+
+- UTAS
+- UTOL
+- Zoom
+- ECCS Cloud Email (Google Workspace)
+- UTokyo MyOPAC
+- EZproxy
+
+Please understand that this change is necessary to make passwordless sign-in widely available, which is explained next.
+
+## Passwordless sign-in will be widely available
+{:#passwordless-sign-in}
+
+Passwordless sign-in is signing into a system without entering a password. With this system change, passwordless sign-in will be available in many cases.
+
+This change applies to information systems marked with “○” in the [UTokyo Account Service Directory](https://login.adm.u-tokyo.ac.jp/utokyoaccount/). Typical examples are as follows:
+
+- UTAS
+- UTOL
+- Zoom
+- ECCS Cloud Email (Google Workspace)
+- UTokyo MyOPAC
+- EZproxy
+
+There are two passwordless sign-in methods available for UTokyo Account: FIDO security key and Microsoft Authenticator. Each of these methods is described below.
+
+Please note that these passwordless sign-in methods do not require other methods of identity verification, as they alone constitute multi-factor authentication.
+
+### Using passwordless sign-in with a FIDO security key
+{:#using-fido}
+
+If you are using a FIDO Security Key as your verification method for UTokyo Account's multi-factor authentication, you can use passwordless sign-in with a FIDO Security Key. Please refer to [the FIDO Security Key Initial Settings](/utokyo_account/mfa/fido-security_key/) (in Japanese) for information on how to set up the initial settings and the available OS and browsers.
+
+The sign-in process proceeds as follows:
+
+1. When the sign-in screen appears, press “Sign-in options”.
+2. When multiple options are displayed, select “Sign in with security key”.
+3. Follow the on-screen instructions to enter your PIN, complete biometric authentication or tap the security key, then sign-in is complete.
+   - If you are prompted to select an account, select UTokyo Account.
+
+### Using passwordless sign-in with Microsoft Authenticator
+{:#microsoft-authenticator}
+
+If you are using Microsoft Authenticator as your UTokyo Account's multi-factor authentication method, you can use passwordless sign-in with Microsoft Authenticator by making an additional setting.
+
+The setting procedure is as follows:
+
+1. If you have not registered Microsoft Authenticator as your identification method, follow the “[Initial Setup Procedures for Multi-Factor Authentication for UTokyo Accounts](/en/utokyo_account/mfa/initial/)” to register Microsoft Authenticator as your identification method.
+2. Launch the Microsoft Authenticator app on your smartphone and select your UTokyo Account displayed on the app.
+3. Press “Enable phone sign-in.”
+4. Press “Continue.”
+5. Follow the instructions to sign in.
+6. When you see the message “Please help us keep your device secure,” press “Register.” This completes the setup. 
+
+The sign-in process proceeds as follows:
+
+1. When the sign-in screen appears, enter your “10-digit common ID + `@utac.u-tokyo.ac.jp`”.
+2. Enter the displayed numbers into the Microsoft Authenticator app.
+3. Sign-in is complete.
+
+## FIDO security keys will be supported in all information systems that support multi-factor authentication
+{:#fido-in-all}
+
+Until now, some systems that support multi-factor authentication did not support FIDO security keys. After this system change, FIDO security keys can be used in all information systems that support multi-factor authentication. The following are examples of information systems that will newly support FIDO security keys.
+
+- UTokyo MyOPAC
+- EZproxy
+- Business Travel Expense System
+- Academic Access Management Federation (GakuNin)

src/pages/en/notice/2024/mfa100-schedule.md

@@ -37,7 +37,7 @@ For any other questions or concerns, please contact the [utelecon support desk](
 ## Additional Notes
 {:#check-also}
 
-Our authentication system is undergoing changes to accommodate more MFA options. See "[System Changes to UTokyo Account Authentication Infrastructure](/notice/2024/02-utac-auth-improvement)" for details.
+- Our authentication system is undergoing changes to accommodate more MFA options. See "[System Changes to the Authentication Infrastructure of UTokyo Account](/en/notice/2024/02-utac-auth-improvement)" for details.
 - To obtain a UTokyo Wi-Fi account, you also need to pass the information security test. See "[About using UTokyo Wi-Fi accounts for AY 2024](/en/notice/2024/02-wifi)." for more details
 
 ## Update History