SLG is Coming Top Leaderboard
The Student News Site of Louisiana State University

Reveille
The Student News Site of Louisiana State University

Reveille
SLG is Coming Top Leaderboard
The Student News Site of Louisiana State University

Reveille

MFA enforcement begins Sept. 30; two forms of verification now needed to access accounts

By Sophie Liberto
September 24, 2019
Courtesy of Wikimedia Commons
computer

The LSU ITS Security and Policy Team is implementing Multi-Factor Authentication for cloud applications and services. This is to provide an extra layer of security to LSU email, OneDrive for Business, Teams, Zoom and Box accounts. The change will not impact students’ Moodle or MyLSU accounts.

On Sept. 30, MFA enrollment will begin for all students. Just as students are required to set a password to protect their accounts, they will be required to enroll with an MFA method. Students can postpone enrollment, but everyone must be enrolled by October 14, according to the ITS Security and Policy Team. 

After Oct. 14, students will not be able to log into their account on or off campus until at least one MFA factor is enrolled.

Students can choose to require MFA every time they log into their account or can exempt a device for 30 days. 

MFA verification is a combination of a student’s username, password and mobile device. MFA is a more secure way to protect information because it relies on two forms of authentication: account information and the mobile device used to access that information.

The service will ask students to provide extra proof when they attempt to access the services from off campus.

“The objective of MFA is to protect usernames, passwords and accounts,” Chief Information Security Officer Sumit Jain said.

IT has sent out several broadcast emails about the coming MFA changes. After Oct. 14, MFA will be implemented for faculty and academic departments; departments like ITS, Finance and the President’s Office have already been enrolled. 

“The biggest thing is that this isn’t being done to make people’s lives difficult,” Jain said. “It is just to ensure that the accounts are secure and the information behind it is secure. Whenever we end up having compromised accounts, they can easily be leveraged to send out phishing messages and it can have impact for that.”

Jain gave an example explaining how IT had an issue last October where they had to suspend close to 200 accounts in the span of two weeks because they were compromised. MFA verification will hopefully prevent similar situations from occurring, according to Jain.

“This is just an additional layer of security to protect the accounts,” Jain said.

Print this Story
More to Discover
More in News
Affording Dreams: How LSU students are paying for costly graduate application fees
From the field to the fight: LSU football player raises epilepsy awareness alongside his mom
LSU Successfully Reaffirms Accreditation
LSU Successfully Reaffirms Accreditation