Changes only for those using IMAP
On 1 May 2023, UiO will switch off the possibility of using IMAP for e-mail outside UiO. Changes that result from this only apply to around 1,800 employees who use IMAP. For the vast majority of people, this does not mean any change. Those affected by the change will receive an e-mail about it.
Increased security
In order to increase the security of both individual users and IT systems, two-factor authentication has been introduced for a number of IT services at UiO. This essentially means that you must use your mobile phone to approve logins. The vast majority of people at UiO have already met requirements for two-factor authentication, for example to read e-mail, but there are some that remain, namely those who use the IMAP protocol for e-mail.
The change that is being introduced now only applies to those with IMAP, and those concerned will receive an email about this. If you do not receive an e-mail about the change, you are not affected by it, and can read e-mails as before.
IMAP does not support two-factor
Only about 1,800 of UiO's e-mail users use IMAP, and all others have already received two-factor authentication for e-mail. The change being introduced now only applies to those who use IMAP. Others are not affected by the change.
IMAP does not have support for two-factor, so here the IT department had to come up with a different solution than for everyone else when security is now to be strengthened. Since the use of services on UiO's own network is considered safe, IMAP users can still do as before as long as they are at UiO, but to read e-mail from home or from places other than UiO, they must use Remote Desktop or SSH in to UiO. Mobile devices (phones/tablets) must be set up with the Exchange Active Sync protocol. This applies from 1 May 2023. The change only applies to the approx. 1,800 with IMAP, and everyone affected will receive an e-mail about this.
Why is it done this way?
Section manager for Digital communication platforms, B?rd H.M. Jakobsen, can tell that IMAP is an older protocol for reading e-mail. At UiO, it is mostly users with special needs who now use this protocol. Since it is old and does not support two-factor authentication, he recommends that affected users switch to another protocol. For those who, for various reasons, cannot use other protocols, Remote Desktop or SSH will be the solution for reading e-mail from outside. For use at UiO, there are no changes. Mobile devices (phones/tablets) must be set up with the Exchange Active Sync protocol.
- See the list of recommended email applications. Guidelines for how these applications are set up against UiO's e-mail and calendar service have been updated.
Project manager for the UiO two-factor project, Frank Paul Silye, says that the increase in security when introducing two-factor authentication is significant. – Securing login to all e-mail at UiO has been an important goal for the two-factor project. Now the IMAP users also get two-factor from the outside through the login to Remote Desktop and SSH, and we are very happy with that. This means that unauthorized persons cannot misuse passwords to log in to any UiO email client, and data and services at UiO are safer than before, says Silye.
What about me?
The vast majority of people at UiO are not affected by the change. If you do not receive an e-mail about changes, you also do not need to do anything about the way you read e-mails. Those who currently use IMAP will receive an email with more information about the change and what they need to do to still be able to read UiO email using IMAP.
Most people who use IMAP today have chosen this themselves and know how to switch protocols or set up Remote Desktop/SSH. If you are unsure whether you use IMAP or you know that you use IMAP and would like help with further setup, you can contact IT Help, the joint point of contact for IT user support at UiO.