What is 2-Factor Authentication?
2-Factor Authentication (2FA), sometimes called 2-Step or Multi-Factor Authentication, is a method of securing your account by combining something you know, like your unique username and password, with something you have, like a smartphone. This extra layer of security helps us secure your account from remote attackers who try to steal and exploit your account information. Santa Clara University is using Duo Security to provide 2FA to faculty, staff, and students.
Why do we need 2FA?
Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve stolen usernames and passwords. We are seeing a substantial increase in SCU employees being targeted with phishing and scam emails designed to steal your account information. Simply put, passwords are no longer enough to secure your account and the data you have access to. Two-factor authentication enhances the security of SCU applications by requiring a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password. Duo 2FA is a crucial part of ensuring that your SCU account stays safe, and deploying 2FA to all SCU employees will allow us to meet our obligations for protecting the confidential data of our students, staff, and faculty.
2FA isn't just for SCU accounts. We recommend you enable 2FA on all your personal online banking, financial, social media, email, and other accounts that support it. 2FA on your personal accounts can help protect you against identity theft, fraud, and other problems. You can check out which of your online accounts offer 2FA at https://twofactorauth.org. 2FA is the best method available to you to protect yourself and your family from cyber fraud.
How will Duo 2FA change my login experience?
When logging in to an application that is protected by Duo, you will still enter your username and password. After inputting your login information, Duo requires you to complete a method of second-factor authentication. This could be a push notification to a smartphone app that you have to approve, inserting a hardware token into your computer, entering a code you recieved via SMS (text message), or answering a phone call and pushing a button on the dialpad. Duo does not replace or require you to change your username and password. Think of Duo as a layer of security added to your pre-existing login method.
Who will use Duo 2FA?
Eventually, everyone who has a Santa Clara University account will use Duo 2FA. Currently, Duo 2FA is already required for Peoplesoft Financials and Concur access. In the fall of 2019, Faculty and Staff will be able to "opt-in" to Duo 2FA for Gmail and Workday access. However, by January 2020, Duo 2FA will be mandatory for all employees. Timelines for adding additional applications to Duo 2FA, as well as for requiring student 2FA coverage, are under development.
Have questions? Ready to begin?
Check out our FAQs, see set up instructions on our Quickstart Guide, or Enroll your device now.