Multi-factor authentication (MFA) adds an additional layer of protection to your account. An authentication protected by MFA will usually start the same way as any other login – by requiring a username and password. After your password is verified, MFA will require a second form of verification to ensure that the correct person is accessing an account – hence the “multi” in MFA.
Accounts protected with MFA will require at least two of these three mechanisms to verify an identity:
- Something you know – usually a password or a PIN
- Something you have – usually a cell phone, a card, or a USB device
- Something you are – usually this involves biometrics like a fingerprint scan
The problem with just using a username and password is it is a less secure authentication method. This makes it exceedingly important that you utilize MFA for all your accounts. Fortunately, MFA doesn’t have to be difficult to use! In fact, you probably already use it in some form. For example, you’ve used MFA if you have:
- Entered your ZIP Code to pump gas
- Swiped your bank card (something you have) at the ATM and then entered your PIN (something you know) which combined then allows the transaction to happen
- Logged into a website with your password (something you know) and then received a numeric code on your phone (something you have), which you entered to gain access to your account.
Benefits of MFA!
Prevent unauthorized access – MFA is one of the most effective ways to prevent the bad guys from having access to sensitive data.
Better Visibility – If a bad actor attempts to authenticate to your accounts with MFA enabled, you would receive the text message or notification to verify the authentication. If you weren’t trying to sign in at the time you received that alert, it is easy to identify that your password is probably compromised.
Less Worry – We encourage you to always use MFA when given the option, regardless of whether it is a work or personal account. It is a proven way to lessen the likelihood that a data breach will impact you.
How do bad guys access your account?
Email accounts are usually one of the first targets for an attacker, because you use your email to recover other accounts. Look at some of the ways they can obtain your password:
- Phishing emails – fraudulent emails that appear to come from a trusted source and trick you into divulging your credentials
- Spear Phishing – a targeted phishing attack where attackers do their homework on you, gathering publicly available information via social media and public records to create a pretext for the phishing email they send you. They may impersonate a friend, colleague or even your boss and direct you to a fake login page that will collect your credentials.
- Large scale breaches that get released publicly
- Guessing – Attackers will guess short, predictable passwords.
MFA will help protect your account against all these scenarios!
MFA is now available for your 鶹Ƶ account! Applying this additional level of security will protect authentications to all university systems including FlashLine, Blackboard Learn and your 鶹Ƶ email. While you have likely used MFA elsewhere, 鶹Ƶ’s is different. Don’t expect to see an MFA prompt every time you sign in. We will only challenge your authentication with MFA if we believe that the authentication seems unusual for your account or if you are accessing an application that requires elevated security.
Secure your account today by applying MFA! Find out how at .