Security
Information about the security measures employed on the portal.
Portal Security
Q: Is my personal information secure on portal.issny.org?
A: Yes! ISS utilizes 256 bit encryption to encrypt data during transfer and while data is at rest so that it cannot be read by unauthorized parties. This, paired with user authentication, ensures that your information is only accessible by ISS.
Q: Why does issny.org say that it is insecure?
A: This is because the home page at issny.org does not handle personal user data and it is not currently using the 256 bit encryption that other ISS services that manage sensitive user data utilize.
Simply visiting https://issny.org will show you the secure version of our website.
Q: How can I verify that my connection to issny.org is secure?
A: When visiting web pages, you may notice a small padlock next to the URL at the top of the web page. This padlock icon means that your connection to that website is safe and sound!
Multi-Factor Authentication
Multi-factor authentication (sometimes also called two-factor authentication) is used on the Portal to increase security and help protect your data. After entering your username and password, you will be sent a one-time passcode (OTP) which you will enter to complete your log in.
Be sure to add both your email address and a cell phone number capable of receiving text messages in your preferences. In case you don't receive the OTP at one, you can use the other method as a back up.
Existing Users
Upon login, existing users will select whether to receive the code via email or text message. You can only choose from the email address or cell phone number that you set up in your OTP preferences.
New Users
Edit Multi-Factor Authentication Details
FAQ
The one-time passcode isn't working.
- Only the most recently requested code is valid. This means that if you trigger a code to be resent, whether by the same or different method, any previously requested codes will not work.
I didn't receive the one-time passcode.
- It may take up to a minute to receive the passcode. If you still haven't received it, you can click Resend Code to send a new code using the same method. To receive a code using an alternate method, click Email Code or Text Code.
- Users can send themselves a code once every three minutes.
- A red error banner will appear if you attempt to send yourself three or more codes without waiting - one initial code on login and two resend attempts. The error message will remain until the time limit passes and you can once again request a code.
- Do not go back to the login screen, you won't be able to get back to the OTP screen to enter your code. You need to wait for the three-minute timer to rundown before you can request another OTP.
Entered one-time passcode, back at Login?
-
Please make sure that you are only entering the OTP code. Do not hit enter/return afterwards. Hitting enter is not necessary and if you are doing so, it is most likely what is causing you to unintentionally “click” the link that takes you back to the login screen.
-
Once you enter the sixth and final numeric digit in our OTP code, the Portal will automatically take you to the home screen or display the red error banner if you entered the wrong code.
Email or Text option is grayed out.
-
This happens when the information entered is invalid in some way. For example: an email address missing the @, spaces or carriage returns before or after the email or phone number.
-
Please correct or re-enter your information by following the steps above under the Edit Multi-Factor Authentication Details section.