Increased protection in a dangerous world
WSU's Information and Technology Services unit is implementing a staged rollout of “two-factor authentication,” or “2FA” for short. 2FA is an added security measure designed to ensure that you, and only you, are using your myWSU ID and password to access WSU's online services, systems and resources.
Going forward, accessing virtual resources that are protected by a WSU ID and password will employ a "what you know + what you have" approach to cyberdefense.
It takes something you know (like your password or PIN) and combines it with something you have (like a number-generating smartphone app, SMS message or telephone call) in order to make your account more secure.
How will it affect me?
WSU’s 2FA solution is provided by Duo Security. By the end of March 2019, all WSU faculty and staff (including student employees) will be required to enroll in Duo to maintain access to certain WSU online services, systems and resources like the myWSU portal, OWA (webmail), WSU Team Dynamix and Banner applications.
Once you enable 2FA, you will see an extra step after entering your username and password on the login screen. This step prompts you to authenticate your identity using the default method(s) you set up.
WSU is offering a few different ways for you to authenticate your accounts via Duo:
- Duo Mobile: a smartphone/tablet application that supports push notifications and Duo Mobile Passcodes
- SMS (Text Messages)
- Landline phone call
- YubiKey (hardware token)
This additional security step is becoming the standard in most industries and platforms, like banking, social media and email accounts. In fact, most people forget that most smartphones already require 2FA. We are excited to be at pace with industry and other institutions of higher education, including many of our fellow KBOR institutions, in bringing these important additional security steps to WSU.