- Active Directory (UMROOT)—U-M Windows Forest
Active Directory (UMROOT) authentication is used when accessing a number of U-M services, including MWireless, MiWorkstation computers, and more.
- Cosign at U-M
Cosign is the secure, single sign-on authentication system used to provide access to protected web resources at U-M. See Using Web-Authenticated Resources (Weblogin Using Cosign) at U-M.
- Kerberos at U-M
Kerberos is used for authentication (to validate that you are who you say you are) when logging in to many services and systems at U-M. Going forward, the university will move toward use of single sign-on authentication options such as Shibboleth rather than using Kerberos directly.
- Shibboleth at U-M
Shibboleth allows people to log in to web resources at other institutions using the ID and password they use at their own institution. U-M offers Shibboleth service with two protocol options, Security Assertion Markup Language (SAML) and OpenID Connect (OIDC).
- Social Login at U-M
Social login can be implemented to allow guest access. It can allow people who do not have or use a uniqname and UMICH password to log in to a service at U-M using a social account (such as Facebook, LinkedIn, or others). See Implementing Social Login for U-M Services.
- Two-Factor Authentication (Duo)
Users of U-M systems containing sensitive university data are required to use two-factor authentication for increased security. Individuals can turn on two-factor for Weblogin to protect their U-M account and information. U-M units can implement Duo for their systems and services.