Identity Management at UVa
Levels of Identity Assurance at UVa
At the University of Virginia, before you can log into a secure application or a University-protected system, UVa must first be assured that you are really who you say you are before you are granted access. Identity assurance is the process that verifies the identities of computer users.
At UVa, there are 3 levels of identity assurance, depending upon the sensitivity of the data you are attempting to access, as described below.
Standard-Level Identity Assurance
At UVa, logging into most systems (such as UVaCollab or reading UVa email) requires standard-level identity assurance. Before allowing you to proceed to these systems, NetBadge requires that you provide:
- your personal digital certificate (a faster, more secure method), or
- your UVa computing ID and password on one of these compatible systems.
Enhanced Identity Assurance
At UVa, logging into certain University computer systems which need a higher level of security requires enhanced identity assurance. Before allowing you to proceed to these systems, Enhanced NetBadge requires that you provide:
- your personal digital certificate (a faster, more secure method), or
- your UVa computing ID and password on one of these compatible systems, as is required with “regular” NetBadge; plus
- your University ID number, and
- the answer to one of your personal security questions you set during the ID verification process.
High-Level Identity Assurance
At UVa, logging into systems with highly sensitive data requires high-level identity assurance. Before allowing you to proceed to these systems, you must provide secure two-factor authentication:
- possession of a hardware identity device (ITS Token), and
- knowledge of the password for the device.
