Multi-Factor Authentication (MFA) will be required at login for more WSU applications, including Blackboard, Adobe, Cougar Card, Zoom and others, beginning at 6 a.m. on March 16. Users should check with local technical support for any department-specific applications that may be affected.
It may be easy for some users to wonder why additional security measures are needed when they rarely see that their accounts are under attack. Things aren’t so quiet however on the front line of cyber security at WSU, where Information Technology Services (ITS) prevents nearly 1,000 accounts per month from password-related cyber assaults.
Currently, ITS identifies and preemptively resets an average of 30 compromised accounts each day, with weak or stolen passwords being the most common threat. MFA provides a more robust information security perimeter by engaging the most important defense element of all: the user.
With more than 80% of all data breaches being due to compromised credentials, MFA has become the standard across many industries including higher education, healthcare, defense, and finance. In fact, most Cougs have likely been using Multi-Factor Authentication for years without even realizing it. When an ATM requires a card and a pin number? That’s MFA.
Universities are especially unique targets for cyber criminals due to the access provided between user accounts. At a university, a single user account might have direct access to sensitive information across any number of departments. An example of this was seen at Oregon State University just last year, when a compromised employee email account resulted in potential information exposure for hundreds of students and their families.
OSU is now joining WSU and the overwhelming majority of higher-ed institutions in making extra verification a requirement.
Consider Your Options
Since adding MFA to myWSU in December 2019, nearly 100% of the approximately 50,000 active users have set up and are using MFA, with the majority preferring text messages (SMS).
Some WSU community members who are relying on text messaging for MFA have provided feedback that they occasionally experience frustrating delays when waiting for their texted login code. This is a result of cell providers not prioritizing text messaging during periods of heavy demand. Phone calls are top priority, and customers can time out on MFA login while waiting for the texted code required to complete authentication. To help prevent this issue, ITS suggests considering an alternative MFA option, such as one of the available authentication apps, or a phone call.
Visit the ITS website for more information regarding MFA.
For technical assistance, please contact the Crimson Service Desk.