Multi-factor authentication (MFA) requires two or more pieces of evidence, or “factors,” to prove your identity when you log in. According to Microsoft, those who use MFA will block 99.9% of automated attacks. Two-factor authentication (2FA) is a type of MFA that requires exactly two factors of authentication.
- MFA adds an additional layer of protection in addition to your password.
- The UW uses Duo, a two-factor authentication (2FA) service, for certain applications and services, but be sure to use MFA on all your online accounts that offer it, especially email, social media, and financial accounts.
- Use authentication apps or hardware tokens for added security.
- While 2FA can go a long way toward fending off attacks, it’s important to stay aware that adversaries are able to bypass 2FA methods to compromise accounts. Never approve an authentication request from Duo or any other authenticator service if you didn’t do anything to trigger the request.
- Find more information on IT Connect on reporting fraudulent Duo requests and see an example on this previous post.
Resources
Learn more about MFA and 2FA on IT Connect
CISA: More Than a Password
CISA: MFA Tip Sheet