Why Multi-factor Authentication at Northwestern?
Over the past few months, you’ve probably heard that FASIS Self-Service has begun using a multi-factor authentication password protection technology at Northwestern. Yet you may still be wondering, what is it, how does it work, and why is it an option at Northwestern?
“Universities have graduated to high-value targets of phishing email attacks and other cybercrime. Northwestern is no exception,” said David Kovarik, director, NUIT Information and Systems Security/Compliance. “On any given day, our firewalls block over 600,000 attacks and the Exchange system drops or quarantines an astounding 1.45 million email messages identified as malicious.”
According to a National Consumers League sponsored white paper, The Consumer Data Insecurity Report, over 60 percent of breaches are caused by stolen credentials, largely attributable to poor or inadequate personal password practices. The report examines data breaches and identity fraud in four metropolitan areas, including Chicago.
“Simply speaking, the use of multi-factor authentication helps protect you and keep your personal information private, even if your password is compromised,” adds Kovarik.
Multi-factor Authentication (MFA) at Northwestern uses an industry-accepted technology that provides an extra layer of defense for your password. It’s used by many organizations and peer institutions to help make it more difficult for the bad guys to access your information—even if they know your password.
Last quarter, FASIS (Faculty and Staff Information System) partnered with NUIT to introduce MFA to University employees. Since that time, more than 9,500 people have proactively taken this step to protect their personal information when logging in to FASIS Self-Service to view their W-2 forms and access their direct deposit information.
Currently, FASIS Self-Service is the only University system using MFA.
How It Works
In addition to your password, MFA requires extra information to verify your identity in order to access a system or service. At Northwestern, it can be as simple as answering a phone call on your office, cell, or home phone each time you log in to FASIS Self-Service.
You may already be using a type of multi-factor authentication without even realizing it!
- When you go through airport security, you need to produce the ticket you purchased and some form of photo I.D. to be allowed on the plane.
- When you swipe your card at the gas pump and are prompted to provide your zip code before your payment is accepted.
- When you log in to your bank account from an unfamiliar computer and are sent an email providing you with an access code.
Taking the extra step to prove that it’s really you may be a small inconvenience, but doing so helps to ensure that no one but you can get to your sensitive financial or other personally identifiable information.
Helpful How-To Videos
Whether you’re considering using MFA with FASIS Self-Service or have already registered and would just like a refresher on the basics, NUIT has created several short (approximately 2 to 3 minutes) how-to videos to help you along.
- Multi-factor Authentication with an Android Phone (App)
- Multi-factor Authentication with an iPhone (App)
- Receive a Phone Call with Multi-factor Authentication
- How to Manage Phones Registered with Multi-factor Authentication
Visit the NUIT website to find out more about this password protection technology at Northwestern and how to use it.