What is Multi-factor authentication?
Multi-factor authentication adds an extra layer of security on your account by requiring you to have something you know (username and password) and something you have (e.g., cell phone or hardware token). When applications and services require multi-factor, it will prevent anyone but you from accessing using your account, even if someone else knows your password.
Multi-factor requires a unique security code each time your account is accessed on an untrusted device, application or web browser.
SOU has licensed Duo for multi-factor authentication.
Why is SOU implementing this?
Unfortunately, account compromises and malicious attacks have become more numerous and frequent at SOU. Passwords alone no longer provide a sufficient degree of safety. If your SOU account is "hacked", criminals will have access to your personal information and everything in your Google Account, your Banner Self-Service account, and all the online services of InsideSOU. Most credential breaches can be stopped by multi-factor authentication.
In addition, compliance and regulatory concerns are compelling us to implement multi-factor authentication.
What are the benefits of using multi-factor?
The main benefit of using multi-factor Authentication is a significant increase in protection of your account. If you receive a security code or push notification when you are not trying to log in to your account, you’ll immediately know that someone else is attempting to do so. If this does happen, you should change your password and contact the SOU Information Technology department!
- Multi-factor adds an extra barrier between your personal information and the bad guys.
- Multi-factor can help keep attackers from accessing your email, documents, payroll, personal information, or research data.
- Multi-factor reduces the risk of hackers using your SOU account to perform harmful activities.
- Multi-factor helps protect SOU's systems
I don't have anything confidential in my account, why should I care about multi-factor authentication?
Most attackers are interested in using your username and password to break into the secure internal network so that they can look for vulnerabilities on the thousands of sensitive internal systems on campus. Alternately, attackers will login to a user’s email account and send out hundreds or thousands of phishing messages to other faculty, staff and students in an attempt to compromise their computers and get access to sensitive information.
What services will be affected by implementing multi-factor authentication?
Duo protects services that you log in through InsideSOU, including Gmail, Moodle, and Banner Self-Service SISWeb. Duo protection is also being added to select services like VPN and remotedesktop.sou.edu (not including virtuallab.sou.edu).
Can I also enable 2-Step Verification for Google?
Yes! To enroll, visit the Google 2-Step Enrollment page.
Why would I want to enable both 2-Step Verification for Google and Duo?
Some Google apps and services, such as Drive/Drive File Stream and Chrome, bypass the normal SOU login page. To protect those apps, you must also enable Google 2-Step Verification. Note, this is not mandatory, just suggested.
Do I have to use a mobile device?
There are several methods that can be used, including a mobile device app, SMS text message, and voice phone call options. While using a mobile device is most convenient option and the one that most users prefer, faculty and staff may request a hardware token instead. Replacements for lost or stolen tokens will be charged to the user's department. Students must purchase their own tokens.
Can I use Duo without downloading the DUO mobile app?
Yes, you can. If you do not want to download and use the DUO mobile app on your smartphone, you can specify this during the device enrollment process. You must choose "other" when selecting the smartphone's operation system.
Can I use Google 2-Step Verification without downloading the Google Authenticator mobile app?
Yes, most of the same alternatives for Duo are also available for Google 2-Step.
Does SOU gain control of my personally-owned mobile device once I enable Duo or Google 2-Step Verification?
No!
By installing Duo or Google Authenticator on your mobile device, you do not provide SOU with any additional ability to access your device or monitor your personal activity.
Who is eligible at SOU to use multi-factor authentication?
Everyone at SOU, including students, faculty, staff, emeriti, and affiliates. Anyone who has an SOU account can use Duo and, if the account has an email address, Google 2-Step Verification.
Who is required to use multi-factor authentication?
Please see our multi-factor authentication policy.
How do I get started?
Instructions are available in our knowledgebase.