Two-step authentication is now available for PennKey users!
ISC's new Two-Step Verification service drastically reduces the risk of your data being compromised and your PennKey being used for nefarious purposes. Because a PennKey login from a new computer requires not just a password but a verification code that is delivered to your smartphone (or a special token you can purchase), it is much harder for malicious, unauthorized users to gain access.
It is easy and convenient, too. After the initial setup, once you enter your PennKey and your authentication code into a computer you use regularly, the rest of your regular login procedures will not change. Anytime you enter your PennKey on a new computer, you will be asked to provide the verification code.
SAS strongly recommends that all faculty and staff consider using Two-Step Verification.
ISC has put together a page with quite a bit of good information at: http://www.upenn.edu/computing/weblogin/two-step/
Their site even includes videos showing how easy Two-Step is, even for small children: http://www.upenn.edu/computing/weblogin/two-step/videoguides.html
If you have additional questions, please contact your LSP.