Hobart and William Smith Colleges Finds MFA Success

A New York institution has succeeded in getting its users to adopt multi-factor authentication. Hobart and William Smith Colleges began its MFA adoption in the 2019-2020 school year, tightening authentication procedures gradually among specific applications and web services and across its community of students, faculty, staff and network guests.

Recently, the institution, which is working with SecureAuth security products, had reached 100 percent adoption among its regular users.

MFA provides an additional layer of security beyond user name and password by requiring users to provide an extra credential, such as texting a just-in-time PIN or answering a challenge question.

Once a user has signed into a given service using MFA, the system remembers and trusts the same browser and device for 30 days. During that period, the user doesn't need to use the extra verification step for that service. (The exception is public computers like those in labs and classrooms.)

Mobile numbers are maintained in PeopleSoft and provided either by HR, when users are added, or through a self-service menu.

Aside from receiving a PIN to enter for authentication, users can also choose other delivery methods, including e-mail, voice and knowledgebase questions.

The selection of SecureAuth identity platform, according to Derek Lustig, the institution's director of Infrastructure and Security Services, was based on being able to "get federation, self-service password management and multi-factor authentication in one product" and being able to "go to one source for support."

Although users have settled into the use of MFA on campus, Lustig noted that the "fine-tuning" of authentication is continuing.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • student reading a book with a brain, a protective hand, a computer monitor showing education icons, gears, and leaves

    4 Steps to Responsible AI Implementation

    Researchers at the University of Kansas Center for Innovation, Design & Digital Learning (CIDDL) have published a new framework for the responsible implementation of artificial intelligence at all levels of education.

  • glowing digital brain interacts with an open book, with stacks of books beside it

    Federal Court Rules AI Training with Copyrighted Books Fair Use

    A federal judge ruled this week that artificial intelligence company Anthropic did not violate copyright law when it used copyrighted books to train its Claude chatbot without author consent, but ordered the company to face trial on allegations it used pirated versions of the books.

  • server racks, a human head with a microchip, data pipes, cloud storage, and analytical symbols

    OpenAI, Oracle Expand AI Infrastructure Partnership

    OpenAI and Oracle have announced they will develop an additional 4.5 gigawatts of data center capacity, expanding their artificial intelligence infrastructure partnership as part of the Stargate Project, a joint venture among OpenAI, Oracle, and Japan's SoftBank Group that aims to deploy 10 gigawatts of computing capacity over four years.

  • laptop displaying a phishing email icon inside a browser window on the screen

    Phishing Campaign Targets ED Grant Portal

    Threat researchers at cybersecurity company BforeAI have identified a phishing campaign spoofing the U.S. Department of Education's G5 grant management portal.