NERSCPowering Scientific Discovery Since 1974

NERSC Adds New Layer of Security with MFA Authentication Requirement

Many ways for users to implement it into their workflows

January 14, 2019

Contact: Keri Troutman, khtroutman@lbl.gov, 510-486-5071

Screen Shot 2019 01 14 at 9.49.23 AM

Shyam Dwaraknath

Beginning this month, multi-factor authentication (MFA), a password security measure that provides extra protection against phishing and other digital security threats, will be required to access online resources at Berkeley Lab’s National Energy Research Scientific Computing Center (NERSC).

There are multiple ways users can implement MFA into their workflow, but all methods require users to authenticate each login with a unique token generated on an authenticator app installed on a mobile or desktop device. For example, NERSC user Shyam Dwaraknath implemented MFA when he started using Jupyter a year ago to manage his workflows. Dwaraknath is a Berkeley Lab research scientist working on the Materials Project, an open-access database for materials research developed by researchers from Berkeley Lab and MIT. Dwaraknath and his colleagues are using high-throughput computational first principles calculations to build a database of materials properties that can be used to develop design rules for functional materials. NERSC computing power gives the Materials Project the necessary information database to mine.

“Without NERSC we couldn’t have such significant impact,” Dwaraknath says. “We spend more than 200 million NERSC CPU hours every year computing structures and properties across the periodic table.”

Dwaraknath’s workflow is such that adopting MFA wasn’t much of a burden. He uses FireWorks, a workflow management program developed by one of his colleagues, to run his calculations through NERSC. It provides a centralized database that keeps track of all the calculations he wants to run, their status, and actual output information from the calculations.

“FireWorks lets me run in an asynchronous mode where I don’t have to log in to NERSC on a regular basis to get access to my calculations,” says Dwaraknath. “Rather, I have a program that sits at NERSC and submits jobs as I have queue slots available, and then as those jobs are finished they’re parsed back out to my database.”

Dwaraknath accesses his database via Jupyter, which is where MFA comes into the picture. Dwaraknath uses a simple web interface to authenticate his Jupyter login with MFA, and from there everything he accesses is through Jupyter.

“We knew MFA was going to be rolled out before we started using Jupyter, so I was able to switch to something that was more interactive, more powerful, and provided a platform for making MFA seamless.”

For more information about MFA at NERSC:

The NERSC MFA webpage

NERSC podcast about MFA

NERSC podcast about sshproxy tool


About NERSC and Berkeley Lab
The National Energy Research Scientific Computing Center (NERSC) is a U.S. Department of Energy Office of Science User Facility that serves as the primary high-performance computing center for scientific research sponsored by the Office of Science. Located at Lawrence Berkeley National Laboratory, the NERSC Center serves more than 7,000 scientists at national laboratories and universities researching a wide range of problems in combustion, climate modeling, fusion energy, materials science, physics, chemistry, computational biology, and other disciplines. Berkeley Lab is a DOE national laboratory located in Berkeley, California. It conducts unclassified scientific research and is managed by the University of California for the U.S. DOE Office of Science. »Learn more about computing sciences at Berkeley Lab.