InCommon Operations supports automated two-factor password reset for site administrators. The first factor involves an email account (“something you know”) while the second factor involves a phone (“something you have”). Watch a video demo of two-factor password reset in action.
In the future, InCommon will also require two-factor authentication on your login account itself. Together, two-factor authentication and two-factor password reset make it very difficult for a bad guy to gain control of your login credentials.
Two-factor password reset and two-factor authentication are being deployed in phases. Two-factor password reset is available now. Two-factor authentication will be available early in 2015.
As a new site administrator, InCommon Operations verified your email address and your phone number, both of which were obtained from your Executive when your organization joined InCommon. This information is used for the purposes of two-factor password reset as well. It is all you need to reset your password.