icon-symbol-logout-darkest-grey
Heidelberg University
University Computing Centre Heidelberg logo

30 April 2024 – IT SecurityMoodle: Plans for Secure Access via VPN

In order to better protect our learning platform Moodle from hacking, in a few weeks access to this service from outside the university network will be protected via a VPN (Virtual Private Network) connection. VPN access provides additional security for this online platform, which has increasingly been targeted by attacks in recent months and protects users and data. Starting 1 July 2024, Moodle will only be accessible via the university network or via VPN.

Students with laptops and digital devices participating in online courses

Multi-factor authentication (MFA) was introduced at the university at the end of 2023 as an enhanced security measure. Since that time, users have only been able to log in to the central VPN, which can be used to establish an encrypted connection to the university's internal network, in secure form. In addition to the username and password, users need a time-based one-time password (TOTP) to log in. To do this, they must set up a "token". 

VPN and MFA: A Strong Duo for Better Protection 

All students and employees who have not been using our VPN and have not yet set up a token for multi-factor authentication should do so as soon as possible, as further services will gradually be connected to the MFA service over the next few months or will only be accessible via the university network or a VPN connection. Securing online environments in this way increases the security of all university members including their data and accounts.

Changes to using Moodle: Token required for VPN login

  • Study & teach more securely: Dates for the next services that will become exclusively available via the university network or via VPN: 
    • Moodle: from 1 July 2024
  • To log in to the central VPN service, you already need a time-based one-time password (TOTP) in addition to your username and password. 
  • The TOTP will be created with a one-time password generator, also called a token. 
  • When you log in, your time-based one-time password will be displayed by your token (e.g., your smartphone with an app). You will enter this password as a second factor after entering your username and password.

Important note: Please set up your token in a timely manner in order to be able to use VPN and thus Moodle outside the university network from 1 July. This applies to employees as well as all students.

Here's how to set up and manage your tokens:

You can set up and manage your token yourself in about 10-15 minutes. The URZ provides the MFA Token self-service platform LinOTP for this purpose. 
You can find all how-tos, video tutorials and further information as well as FAQs on the MFA Service Catalogue page.

Should you require assistance, please contact the IT Service (for students) or your IT representative (for employees).

Moodle: Set up your additional factor for a secure login now!

Deutsch

Contact