Multi-Factor Authentication: The University’s newest security safeguard
April 21, 2019
The University has recently introduced students to a new security safeguard called DUO multi-factor authentication that will protect their online data and accounts. Enrollment in DUO will be mandatory for all students by July 15, 2019. In addition to using a login with a username and password, multi-factor authentication is an extra step in verifying the identity of users on the University’s network.
How multi-factor authentication works
When users log in into their accounts using their University credentials, multi-factor authentication immediately follows as an extra step in security and logging into accounts. Logging in with multi-factor is used every time someone is prompted to log in.
There are various options that users can choose for multi-factor authentication. The most popular one used is the DUO push notification option, where users who have the DUO mobile app can simply accept or decline access to logins on their smartphone. In addition, users can use a code generator to request a batch of one-time use passcodes that can be sent to their phone via text message.
Either of these options can be used both on and off campus, wherever there is wifi available, meaning that even students studying abroad can use multi-factor.
If there are unauthorized attempts to get into a student’s account, then entries can be blocked via declined access and students are consequently encouraged to change their passwords. In the event that students do not have a device on hand for multi-factor authentication, using the DUO SOS security option, which acts as an emergency code, will work to let students into their accounts.
History of multi-factor authentication on campus
Following the lead of other companies and institutions – such as banks, Apple, and Steam – who use multifactor authentication for their users and customers, multi-factor authentication was first introduced to the University in 2015, with staff members being the first to test it out.
In 2017, faculty members were next to follow suit in using multifactor authentication and this past March, the Library and Information Technology staff and Bucknell’s Student Government (BSG) discussed the prospects of introducing multifactor authentication to the student body.
The gradual rollout of multifactor authentication – from staff to faculty and eventually to students – is due to the program’s impact on users. As Chris Bernard, the University’s Chief Information Security Officer, describes, “There were a lot of lessons learned as part of the staff rollout that were then used for the rollout to faculty. As for the delay for students, one of the limiting factors was the mobile app used by students, which did not work properly with Multi-Factor Authentication, so we had to wait until the new mobile app was deployed this year before continuing the rollout.”
The discussions of bringing multi-factor to students via BSG was spearheaded by Steve O’Hara, the University Director of Technology Services. Considerations of how to roll out the program to students – all at once or a gradual pace for every incoming first-year class – were discussed, as well as potential issues students may have with adapting to multi-factor.
The use of multi-factor authentication on campus has already proven to be successful. In the month of March 2019, there were over 62,000 authentication logins from faculty and staff on the University’s network, with 61% of the logins being DUO push notifications.
Benefits of multi-factor
Using the options for multi-factor authentication will give students better security and prevent their accounts from unwanted attacks such as phishing and spamming. In addition, passwords for University credentials will no longer expire every 180 days. If students enroll in the multi-factor authentication program before the official rollout on July 15, they will be able to keep their current passwords.
When asked about her thoughts on using multi-factor authentication, Mary Ann Burkland, Assistant Director for Technology Support, said, “Personally, I like having DUO. Not only does my Bucknell password not expire, but more importantly, it gives me an added layer of protection for my account. I also use multi-factor authentication whenever possible for my personal accounts outside of Bucknell; for example, my bank accounts, password manager, even my Gmail account. If I’m going to be online, I want as much protection as possible.”
How to enroll
There are a few ways in which students will be able to enroll in the multi-factor authentication program. Primarily, students can enroll themselves online at www.bucknell.edu/DUO. Following the instructions on this page will give students a step-by-step guide of how to register their smartphones for DUO authentication. If students are having trouble self-enrolling, the Tech Desk in Bertrand Library will be available to help students by walking them through the process.
There are opportunities for students to receive prizes and giveaways if they enroll between now and Commencement. Students who enroll by Commencement on May 19 will be entered into a drawing to win one of two sets of Jabra Elite wireless earbud sets. Additionally, the Library will be hosting “Donuts for DUO” tables on April 19, 22, and 23, where donuts will be handed out to students who enroll.
As a final note of importance from the Library and Information Technology department, students are encouraged to have lock screens on their phones – whether in the form of biometric key access, pins, passwords, etc. – to make sure multi-factor authentication works to keep their accounts secure.
For more information on multi-factor authentication, visit www.bucknell.edu/DUO or the Tech Desk, located in the Library and contacted via phone at 570-577-7777 or via email at [email protected].