1. Overview of SRP
The SRP is one of the user authentication systems of Tohoku University. This system is used in the following two situations.
- Off-campus access: Access to the university information services from off-campus networks.
- Student Portal: Login to the portal site for students.
1.1 SRP Authentication (for off-campus accesses)
The "off-campus" access means any access to the university information services from the off-campus network areas: for example, access from your home PC. The SRP authentication procedure of off-campus accesses is briefly summarized as in the picture below.
- Step 1. Any off-campus access is automatically redirected to the SRP login page or some redirection page, as long as the target system/service requires the SRP authentication for off-campus accesses.
- Step 2. The SRP authentication uses the Tohokudai-ID and Tohokudai-ID password. Note that the Student-ID will be rejected.
- Step 3. You will be asked the special additional authentication called the Image-Matrix Authentication. See Section 3 of this article for the detail.
The Image-Matrix authentication uses a special secret key. See Section 2.
- Step 4. After the Image-Matrix authentication, you are led to the Student Portal Site. You can access to various information services from this portal site.
Single Sign-On (SSO)
Several services support the Single Sign-On (SSO) feature. For such services, the additional authentication after the SRP authentication will not be required.
1.2 SRP Authentication (for on-campus accesses)
On-campus access does not require the SRP authentication, except for the case where you are going to login to the Student Portal Site. The on-campus access to the Student Portal Site is briefly summarized as in the picture below.
- Step 1. Visit the SRP login page.
- Step 2. Login with your Tohokudai-ID and Tohokudai-ID password.
- Step 3. You are led to the Student Portal Site. Note that the Image-Matrix authentication is not necessary for on-campus accesses.
2. Secret Key for the Image-Matrix Authentication
2.1 Your Initial Key
In order to get your initial secret key for the Image-Matrix Authentication, read the description in the bottom area of the authentication windows.
2.2 Key Changing Procedure
You can change your SRP Image-Matrix secret key by the following steps. Don't keep the initial password.
- Step 1. Visit the SRP login page.
- Step 2. Login with your Tohokudai-ID and Tohokudai-ID password. Note that Student-ID is rejected
- Step 3. You are led to the Student Portal Site. Click the "Secure Reverse Proxy SRP/Generate and change your private key for the SRP image-matrix authentication" menu in the Authentication/Password Management area.
- Step 4. The following table will be displayed. Click the "選択 (select)" button.
- Step 5. You will see a table of several image icons as in the screenshot below.Then you choose any three images as you like. In the example above, the three images "camera, hat and chair" are selected. This (ordered) sequence of the images is to be your SRP Image-Matrix secret key. Note that the order of the images is important..
- Step 6. Click the "configure (決定)" button to configure your secret key.
- Step 7. The message "処理が正常に終了しました" (which means "normally completed") appears. Then click the "Logout" button to close.
Your SRP Image-Matrix secret key configured here must be strictly kept in secret. Do not tell your secret key to anyone else.Back to Contents
3. Image-Matrix Authentication
3.1 Overview of the Image-Matrix Authentication
The Image-Matrix authentication will be required when you are going to access to the information services of Tohoku University from off-campus networks. After the normal SRP authentication with your Tohokudai-ID and Tohokudai-ID password, you will be redirected to the Image-Matrix authentication page, as depicted in the screenshot below. (Note that the Image-Matrix authentication is not required for on-campus accesses, and in this case you are directly led to the Student Portal Site.)
- The table consists of 5x5 image icons and each row and column is attached a numerical number. Those image icons and attached numbers are randomly determined every time.
- This random image table and your SRP Image-Matrix secret key configured in Section 2 determine your login password for this time. This password is a random "disposable" password which is valid only for this time.
The Image-Matrix authentication proceeds as follows. For example, suppose that your SRP Image-Matrix secret key is (fishbowl, postbox, camera).
- Step 1. Visit the SRP login page, and login with your Tohokudai-ID and Tohokudai-ID password. The Student-ID is rejected.
- Step 2. The random image table is displayed. You click the three icons according to your SRP Image-Matrix secret key in order. Now your secret key is , and then you click those three images in order. As you click the images, the corresponding numbers are automatically filled in the password box below the table.
In this example, the fishbowl is located at the position (11,92), and then it represents the number 1192. In the same manner, the postbox is located at the position (88,41) and it represents the number 8841. The last image (camera) represents the number 0321 because it locates at the position (03,21).
Thus, in this example your temporal password is 1192 8841 0321. You can directly type in this password instead of clicking the image icons.
- Step 3. Click the "ログイン (login)" button to proceed to the Student Portal Site.
- The image matrix and the attached numbers are randomly generated every time. Thus the generated password "1192 8841 0321" is a temporal disposable password that is valid only for this time.
- The most important code you must keep in secret is the SRP Image-Matrix secret key configured in Section 2. You should manage this secret key in safe hands. Don't leak or tell your secret key to anyone else.
- 1. Overview of SRP
- 2. Secret Key for the Image-Matrix Authentication
- 3. Image-Matrix Authentication