In 2020, 81%of online data breaches reported worldwide were due to compromised credentials. When an individual adds a second authentication factor (a second piece of evidence in addition to a password to verify identity), the likelihood of their credentials being compromised drops to 0.1%. To bolster data security of the entire UNCG community, Information Technology Services (ITS) is updating the way students, faculty, and staff will access their University computing accounts.
Many banks and other consumer services that we all use in our everyday lives require us to receive codes by texts or phone calls when logging into our accounts. That process is called multi-factor authentication (MFA), and it’s coming to UNCG.
What is multi-factor authentication or MFA?
Multi-factor authentication is a technology security enhancement that requires users to present more than one piece of verification to prove that they are who they say they are, usually in the form of their password and an additional factor such as a pin number, fingerprint, validation through a smartphone app, or a hardware token. UNCG Enterprise Single Sign On (SSO) and many enterprise apps such as Google Apps, Canvas, Office 365, Box, and MyCloud will require the use of your mobile phone or tablet to access your accounts. Visit the MFA FAQ and other knowledge articles below for more information.
Why is MFA an important service for you?
UNCG already has robust campus network security – our campus network firewall continuously blocks approximately 50 new cyber attacks per second. In just one month last year, the UNCG firewall prevented more than three million attack attempts. However, these security measures alone are not sufficient to protect our students, faculty, and staff from sophisticated hackers.
Why will MFA be required at UNCG?
All UNC System schools are required to comply with UNC System Policy 1400.3, including UNCG. Most UNC institutions have already required MFA for their students, faculty, and staff. UNCG previously implemented MFA but had not required MFA for campus users to access services. To comply with UNC System policy, MFA must now be required at UNCG.
I already use Duo 2FA. How is MFA different?
Information Technology Services is transitioning the existing two-factor authentication (2FA) service, Duo, to Microsoft Azure MFA. Azure MFA provides more functionality and, because Azure MFA is part of the University’s existing Microsoft license, UNCG will save money annually on software licensing.
When will MFA be required at UNCG?
ITS is currently converting existing MFA identities from Duo to Microsoft. Azure MFA will launch to the campus community as follows:
- Spring 2021: faculty and staff, retirees, affiliates, secondary accounts
- Fall 2021: students
As MFA is rolled out, employees will be prompted to register for it when the service becomes available for them.
By December 2021, the University will require and enforce MFA for all University accounts.
Can I still use my token?
Hardware tokens will not be issued as a standard for the UNCG MFA service. Division Vice Chancellors and the Provost can approve special-exception cases to issue hardware tokens.
Where can I find more information about Azure MFA?