The Authentication Improvements and Evaluation of Cosign replacement project has been initiated to implement a subset of the recommendations from the recent Authentication and Authorisation review. The EASE website will be upgraded to have a more modern look and feel, resulting in it being less prone to being faked via phishing attempts. The password policy will be upgraded to make it stronger and the user experience will be improved by providing visual feedback when users are updating their password credentials. 

In addition, alternatives to the current Single sign-on (SSO) solution will be reviewed with the view to providing a recommendation for a long-term replacement.   

The following key deliverables are included in the scope of this project:-

• A modern, clean design that adheres to current web design standards
• Application re-branded from EASE to generic University of Edinburgh branding
• Revised password policy implemented
• Password Strength indicator implemented
• On boarding process updated to enforce users to password sync between AD and EASE accounts
• On boarding process updated to activate new users against the IS Applications notification service
• Two-step login process integrated into the sign-on mechanism of the new EASE web login pages
• Documented detailed requirements for what a Cosign replacement must deliver
• Evaluation report on viable solutions to replace Cosign