- Active Directory (UMROOT)
Active Directory (UMROOT) authentication is used when accessing a number of U-M services, including MWireless, MiWorkstation computers, and more. - Kerberos at U-M
Kerberos is used for authentication (to validate that you are who you say you are) when logging in to many services and systems at U-M. Going forward, the university will move toward use of single sign-on authentication options such as Shibboleth rather than using Kerberos directly. - Shibboleth at U-M
Shibboleth allows people to log in to web resources at other institutions using the ID and password they use at their own institution. U-M offers Shibboleth service with two protocol options, Security Assertion Markup Language (SAML) and OpenID Connect (OIDC). - Social Login at U-M
Social login can be implemented to allow guest access. It can allow people who do not have or use a uniqname and UMICH password to log in to a service at U-M using a social account (such as Facebook, LinkedIn, or others). See Implementing Social Login for U-M Services. - Two-Factor Authentication (Duo)
Users of U-M systems containing sensitive university data are required to use two-factor authentication for increased security. Individuals can turn on two-factor for Weblogin to protect their U-M account and information. U-M units can implement Duo for their systems and services.
