The Central Authentication System (CAS), Virtual Private Network (VPN) and Multi-Factor Authentication (MFA) systems are important tools that allow you to access University resources in a secure manner.  Depending on the resource you are trying to access, you may be required to utilize one or more of these systems. 

It's helpful to note that MFA is a extra layer of security that can be used as part of both the CAS and VPN systems.

For example:

  • Web applications (e.g. Gmail, Tableau Server, SAS Visual Analytics) generally enforce MFA through CAS.  When you go to these sites, if you're not already logged-in to CAS, you can expect to see a CAS prompt, which will include an MFA prompt as part of the CAS log-in. 
  • Desktop applications (e.g. Tableau Desktop, SAS Enterprise Guide) generally enforce MFA through a specific VPN group that requires MFA (i.e. UMaccess-MFA).  To use these desktop applications, you generally will connect to the VPN first, complete the MFA prompt as part of the VPN log-in, and then also log-in to the application with your Directory ID and password.
  • When you are off-campus, you may be required to connect to the VPN even when accessing web applications.  For Tableau Server and SAS Visual Analytics, you can connect to any VPN group, even if it does not include MFA, because MFA is guaranteed to be enforced through the CAS log-in to those web applications. 
  • If you access a VPN group that uses MFA (e.g. UMaccess-MFA) and access a system that uses CAS (e.g. Gmail) it is normal to see the MFA prompt multiple times: at least once for the VPN connection, and at least once for the CAS log-in.