Carnegie Mellon University

2fa - Safe and Secure

August 28, 2017

Two-Factor Authentication Improves Security

You've probably heard about two-Factor Authentication (2fa), a service that provides an added layer of protection for your Andrew userID and password. University faculty, staff, and student workers are required to use Duo, a 2fa application. And, other students, as well as those with sponsored accounts, are encouraged to enroll in 2fa for added identity and account security.

Why 2fa? “Simply stated," explained Rodney McClendon, CMU Vice President for Operations, "two-factor authentication increases the collective online security of the entire university. Everyone who uses 2fa helps reduce the risk of breaches, and better protects all CMU accounts, passwords, and password-protected data, systems and services."

"Implementation of 2fa is a university-wide effort," continued McClendon. "I extend my sincere thanks to the entire campus community for their help and support in making the 2fa program a success – from those involved in the 2fa research initiative and user surveys, to everyone who enrolled by our deadline, as well as to all affiliates for their continued awareness and diligence in helping prevent and respond to cybersecurity threats.”

Two Devices Can Be Better Than One

If available, enroll two devices in 2fa, so that you can access your data if there is a problem with a supported device, which includes a smart phone, a tablet and a hardware token available from the Help Center. Visit the 2fa Self-Service Registration page to register and manage your 2fa devices.  

What's next for 2fa with Duo? "Look for more university services to start using 2fa with Web Login for access to their sites," commented Mary Ann Blair, Chief Information Security Officer. "The more services utilize 2fa, the more we reduce our exposure to phishing and malware attacks.But keep in mind that two-factor authentication isn't a silver bullet. Unfortunately, attackers have already been known to lure 2fa users into approving fraudulent 2fa requests or providing their passcode. Everyone needs to remain vigilant. Don't approve DUO push requests if you aren't logging in and report suspicious situations to the Information Security Office. There is no ironclad system that can protect from every online threat but by working together, we can help keep everyone's data safe on campus."

Learn more about 2fa