In two previous posts, we discussed the necessity and some of the problems associated with passwords. As mentioned in those articles, passwords are a needed defense against those that would attempt to steal or damage our electronic information. There is yet another approach, which I will discuss here and expand over the remainder of this academic year that provides the best protection we have against unwanted attacks. That solution is another cybersecurity term: two-factor authentication (2FA).
Higher education institutions are stomping ground for malicious hackers. Two-factor authentication is a significant step to making sure we protect the institution’s sensitive, confidential, personal and financial information.
Using two-factor involves another method to verify a logon activity. When you open an application in your web browser, you typically supply a username and password. That can be referred to as single-factor authentication because it has one method for gaining access to your account, typing in a username and password. If we add one more step in the process before you can access your account, that is called two-factor authentication, because you had to suuply two things to gain access to your account.
Two-factor is becoming more common place and may be something you already do for your bank and other highly sensitive or confidential information stored on other organization’s computers. Typically, you go to a website, type in your username and password, and then are sent a code as an additional step to authenticate: e.g. typing in a 6-digit code you received on your phone/email or clicking on a link in an email message that completes the authentication process. This is two-factor authentication.
In the coming months, we will begin the process of adding 2FA to some of our institutional applications. Keep an eye on these posts for more information.