SURFsecureID makes access to online services more secure through multi-factor authentication. Users log in with a user name and password and with a second factor: an SMS, a USB key, a mobile app (tiqr) or their Microsoft token. SURFsecureID is highly suitable for services involving sensitive data, and for preventing abuse of accounts.
Secure access to online services with two-factor authentication
SURFsecureID is safe, easy, and reliable. Read more about what it can offer your institution in terms of secure login.

We use more and more services with sensitive data, for example eHRM, number input systems, student information systems, applications with patentsensitive researchdata or privacysensitive patientinformation. These services require stronger forms of login than username/password. This helps you to cover the securityrisks.
Login in 2 steps
SURFsecureID allows you to add an extra securitystep to login. After checking your username and password, confirm your identity with an additional step. This can be done via SMS, usb key (Yubikey), mobile app (tiqr) or a Microsoft token. You get acces, only after you complete this step. In this way your services are double secured: with something the user knows and holds. In addition, you can use this additional authentication tool for multiple services inside and outside your institution.
High level of reliability

SURFsecureID offers you a higher level of reliability than other solutions for two-factor authentication. SURFsecureID checks the identity of the user and the selected second factor before you can use the service. Other solutions skip that check. As a result, SURFsecureID is more in line with international standards and the security guidelines of the Dutch government and the EU.
Rates
You can find the rates for this service in the SURF Services and Rates brochure (PDF)
More information
- Technical information about SURFsecureID on the wiki
- SURF-toolbox, a digital kit with various ready-to-use communication tools for SURFsecureID
- Blog (Dutch): veilige toegang tot Office 365
- Blog (Dutch): SURFsecureID en Microsoft Azure MFA combineren