Colorado State University is taking a positive step toward boosting logical security across campus with the introduction of two-factor authentication for students accessing university networks.
According to a university release, beginning April 25 anyone using the Colorado State web portal, Pulse Secure desktop or mobile client to connect to university networks will be required to use Duo two-factor authentication to complete their login. This marks the first in a multi-phase process that will see two-factor authentication better protect the identities of faculty, staff, and students on campus.
As part of the initiative, students will first need to register a second-factor device beginning this month. Student smartphones are the recommended option, along with downloading the accompanying Duo mobile app.
At the time of authentication, Duo will send a push notification to the smartphone where students verify their identity by pressing a green checkmark on the screen. Alternatively, Duo can also generate a six-digit code — similar to Google Authenticator — through the app that can be entered manually as validation of a student’s identity.
Students can also choose to register a cell phone, desk phone, or home phone number. Using this method, the Duo system will call the student to validate their identity.
Finally, there is a hardware token option that would require students to purchase, from the university, a $23.75 device that also generates a six-digit code.
Two-factor authentication better protects users’ identities by requiring a second method of identification: something you have plus something you know. We routinely use two-factor authentication in a number of places already, whether it’s at an ATM, on our mobile devices or accessing our various accounts. It’s a small, quick step that can boost security, and Colorado State is doing well to safeguard logical security for its students.