Multifactor authentication, also known as MFA, is a security measure that requires users to provide more than just a password to log into an account. Many companies and institutions have adopted this measure, and there are numerous options available to implement it. One commonly used system that you may be familiar with is when a service or account sends you a text message with a code on it to verify that you are in fact, you. Washburn University’s multifactor authentication solution is a program called Duo.
How does Duo work?
Duo is primarily utilized as a mobile application downloaded onto any smartphone, however there is a key fob available for anyone who does not or cannot utilize a smartphone. When a user wishes to log into their Washburn account on a new device, Duo will ask if you wish to receive a push notification to the smartphone application, receive a code via text, or input the code generated by the Duo mobile app or key fob to verify that you are the proper account holder.
What are the benefits of MFA?
Stronger Security - MFA provides enhanced security beyond what is possible with a password alone. By requiring an additional authentication step in the form of the push notification, text message, or access code, it makes it much more difficult for malicious actors to access your account.
Enhanced awareness - MFA allows you to have an enhanced awareness of login activity on your account. For example, if you start receiving unsolicited MFA requests, you are instantly alerted to the fact that some actor has compromised your username and password, and alert you to the need to update your password and notify IT Security of the attempted breach.
Safeguarding Against Stolen Credentials - MFA prevents unauthorized access even if a user's credentials are stolen through phishing, keylogging, or data breaches. Without the second factor, the stolen credentials become useless to an attacker attempting to breach an account.
Confidence in Remote Access - MFA is particularly valuable for remote access scenarios, allowing any remote worker or student to have confidence that their account will remain secure even as they access it from wherever in the world they are.
Stay vigilant!
--WU ITS Information Security