Significant security features have been added to help protect yourself from unauthorized access. See the Version 4.4 release notes for more details.
Release Notes
This release allows A&M System Member SSO Administrators to choose how their employees login to SSO.
This new feature has multiple benefits including:
Reduces the number of credentials that employees must manage to access business applications like Workday, FAMIS, Concur, AggieBuy, and more
Better protects employees’ private information
Improves cybersecurity posture
Improves operational efficiency
Reduces operational costs
Who Is Impacted?
Beginning 11/1/2024, A&M ...
This release updates the log-in screen and incorporates the newest release of Duo.
Enhancements
Logon screen
To help simply using the Alternate Login feature, the logon screen no longer displays the UIN and password fields by default. Instead, a grid of campus and agency logos are displayed as login choices. When a user clicks a logo, they will ...
Per Duo Security, March 1st, 2022:
In order to comply with U.S. regulations, Duo will begin blocking authentications from users whose IP address originates in a country or region subject to economic and trade sanctions enforced by the U.S. Office of Foreign Assets Control.
Beginning May 5, 2022, users attempting to authenticate to a Duo-protected application from ...
Version 5.3 of Single Sign On adds support for the new employee statuses: Fellows, Non-Employees, Military Leave Dependents, and Terminated Non-Employees.
Enhancements
Employee records designated as Non-Employee, Fellows, or Military Leave Dependent are considered active in the context of SSO. They will therefore appear in the search results of “Active Only” employee searches.
Non-Employees and Fellows can be ...
Version 5.2 of Single Sign On adds new features to help with the Duo two factor authentication process.
Enhancements
SSO Admins with password reset ability will now see the employee’s Duo account status on the Status tab. If the Duo account is locked, the admin will see an unlock button next to the status.
The enrolled devices section ...
Version 5.0 of Single Sign On implements significant changes to the underpinnings of the SSO application. Many of these changes are not readily apparent to employees or administrators but are essentials precursors to the next major enhancement to Single Sign On, general availability of Two-Factor Authentication (2FA).
Enhancements
Enhanced the employee’s Status tab used by SSO administrators ...
Added functionality to prevent an IDP authenticated user from getting into SSO if the SSO account has been locked and write to the security log if there has been an attempt.
Created separate logon Urls for WIND and Shibboleth HTTP handlers instead of using the same one for the application user interface.
Added TTI Identity Provider and modified logout page to encourage users to close the browser.
Added AgriLife and Tarleton Identity Providers and added links to SSO logon and Campus/Agency logon help pages
This is the pilot release of SSO as a Shibboleth Service Provider. SSO can now accept logon credentials from selected members of the TAMU Shibboleth federation.
The following system members are participating in the initial pilot. Employees of these system members can use their local credentials or their SSO credentials when logging in. Over time, other ...
The SSO password strength requirements were strengthened to the specifications shown below. This new criteria will be enforced the next time a user changes their password.
8-64 characters
1 Uppercase letter
1 Lowercase letter
1 Number
1 Special Character (!, @, #, etc.)
A ‘Coming Soon’ graphic and message was added to inform employees about the forthcoming release that will allow ...
The changes in version 4.4.1 of Single Sign On primarily relate to security and event logging. When an employee’s password is reset, SSO now automatically sends the employee to both the old and new email addresses. To help prevent unauthorized access from countries that are known for hacking and phishing operations, all logins from certain ...
This version was released on May 2nd, 2014. It includes features to help employees monitor their logon activity.
New Features
A ‘Recent Logon Activity‘ list has been added to the Home tab
The ‘Security Log’ tab now has a ‘Report Problem’ button for an employee to notify security administrators about questionable logon activity
Alert message added to Home tab ...
New Features
System Admin Role
System Administrators can now add, update, and delete SSO applications’ roles from with SSO rather than using BPP’s “green screens”.
Accordingly, BPP’s green screen number 453 will be retired in the near future, probably in conjunction with version 4.3.1 of SSO.
Role Updates
Employee Role
Indicate on the Main Menu if there are hidden menu items available
UIN was removed from the “My Managers” page for the Employee role
Ace project was added to the SSO menu for authorized users
Application names were updated to display correct casing on menu
On the “My Manager” page, only show PINs currently occupied ...
Application Updates
Created online Help System
Added Contacts database
Development of new applications for the Texas A&M University System has necessitated some changes to the SSO, LeaveTraq, and TimeTraq applications. Most of these changes will only impact employees who perform administrative functions within these applications. Employees without these administrator roles will see very little changes to the applications.
The development of the Effort Tracking and ...