RIPE NCC Access (Single Sign-on)
All services that the RIPE NCC offers are supported by RIPE NCC Access:
To enhance the security of our services, we also offer two-step verification for RIPE NCC Access. This is an optional security feature that adds an extra layer of protection to your RIPE NCC Access account. You can set this up on your profile page. Once enabled, you will be required to enter a six-digit code in addition to your password whenever you sign in.
You can learn more about this functionality in the FAQ.
Using RIPE NCC Access with the RIPE Database
The only service that the RIPE NCC provides that supports multiple authentication methods is the RIPE Database: namely MD-5 passwords, PGP keys, X.509 certificates and your Single Sign-On (SSO) account. All of these are available to associate with your mntner object simultaneously.
We strongly advise you to associate your organisation's mntner object with your SSO account because:
- When authenticated, you will get a seamless experience across the entire website
- It will make Webupdates easier to use and more secure, especially when compared to MD-5 passwords
- You can recover a lost password yourself, without needing to contact the RIPE NCC
- Because SSO is tied to a user, there is more detailed auditing as to who made what change to your objects
You can associate your SSO account by editing your mntner object and adding an additional auth: attribute:
- auth: SSO <your-sso-email _at_ example _dot_ org>
You can add as many SSO accounts as you like: one for each authorised user. Please note that the email addresses of the SSO accounts wil not be publicly visible in the RIPE Database. Only authorised users can see them.
Lastly, when you request an MD-5 password reset we will update it with your SSO account after processing your request, in order to promote security and usability.
If you have any questions, please do not hesitate to contact us.