To better protect the intellectual property and personal information of our campus community, UW–Eau Claire is adding a second verification step to the login process for applications with High Risk data. This process, called multi-factor authentication, offers additional protection to your digital identity and is commonly used in many businesses.
Multi-factor authentication, provided to UW–Eau Claire by Duo Security, adds an additional step to the login process. The first steps for logging in will remain the same: you will enter your user name and password. The additional step utilizes a smartphone or token (also called a fob) to verify your identity.
Requiring two different channels of authentication helps prevent unauthorized logins to your account, even if your password has been compromised. The enrollment process is easy, and using the app or token is simple.
The multi-factor authentication project, will roll out to faculty and staff (including student employees) by February 2019 and later to all students. Implementing multi-factor authentication meets the mandated security requirements of UW System Policies 1030 and 1031 through the proposed alternative security measures (called a Compensating Control) that best suit the needs of our institution.
An RFP was concluded in 2017, with industry-standard Duo Security being selected. Other higher-education institutions Duo serves include Harvard, Michigan, Villanova, Syracuse, University of South Florida and more.
Why Is Multi-Factor Authentication Important?
MFA Prevents Devastating & Costly Breaches
Recent breaches resulting from compromised credentials include government agencies like the Federal Office of Personnel Management and higher education institutions like the University of Maryland, where a cleanup effort cost over $6.2M in credit monitoring alone. University of Central Florida also suffered a loss of 60,000 identities.
MFA Reduces UW-Madison’s Risk Exposure
MFA increases credential security across IT systems that use a username and password, including NetID. MFA will prevent us from having the same risk exposure as companies that were breached. Additionally, UW System Administrative Policies 1030 and 1031 mandate that we implement a multi-factor authentication system.