#Cyberaware Utilizing Multi-Factor Authentication

October 28, 2022

Submitted By: Gregory Freidline

One of the themes for this year's #Cyberaware campaign is using Multi-Factor Authentication. Today we’d like to bring you some information about how you can use this powerful tool for accounts inside and outside of UHart.

The process of authentication, or proving who you are, is key to protecting your information, such as your email, social media, or online banking accounts. You may not realize it, but there are three different ways to prove who you are: what you know (such as a password), what you have (such as your driver’s license), and some part of you (such as your fingerprint). Passwords are the most common authentication method, which is something you know. Unfortunately, using passwords just by themselves is proving to be more and more insecure, Thus, we’ve introduced multi-factor authentication.

Multi-factor authentication (also called two-step verification, two-factor authentication, MFA or 2FA) is far stronger than just using passwords by themselves. It works by requiring not one, but two different methods to prove that you are who you say you are. A good example is your ATM card. When you withdraw money from an ATM, you are actually using two-factor authentication. To access your cash, you need two things: your ATM card (something you have), and your PIN (something you know). If your ATM card is stolen, the thief cannot withdraw money unless they also know your PIN.

Once you enable multi-factor authentication, you can expect it to work just like this. First, you log into your account using your username and password, just as you always have. Then you will receive a unique code, often via text to your smartphone. You then enter that code into the login screen. Even if a cybercriminal steals your password, they cannot access your account unless they also have your phone. For added security always have a PIN or password on your phone as well!

We have all grown accustomed to using MFA here for Email, Banner, and VPN. It’s not time to think about expanding that to your other accounts across the internet.

Multi-factor authentication is widely available on most major banking, email, and social media sites. Most of these sites offer simple step-by-step instructions how to turn on multi-factor authentication. Links to many popular sites MFA instructions can be found here: https://stopthinkconnect.org/campaigns/lock-down-your-login.

ITS would like to remind all faculty and taff that the #Cyber2022 training opened this week. All employees, full and part time, will receive an email from University of Hartford system@litmos.com with a subject line of “University of Hartford CyberAware2022 training”. In that email will be a specific link for you to create your account and begin your training.