Yesterday WSU welcomed a new era in information security with the implementation of Multi‑Factor Authentication (MFA) to access myWSU. With close to 25,000 community members now using MFA, and close to 300 more joining each hour, Information Technology Services (ITS) is already looking forward to the next phase coming later this spring.
More than 80,000 active individual user accounts successfully adopted WSU’s new Single Sign‑On (SSO) service through top industry provider, Okta, in May 2019. An average of 50,000 regular users now enjoy the benefits of this upgraded security tool, including self‑service password recovery that largely eliminates the need to call technical support for assistance.
Following Okta’s introduction to users, more than 60 WSU business applications then migrated from the legacy network security to using the new Okta (SSO) credentials procedure. Now that users are prepared for MFA, the next step is for those same WSU business applications to begin requiring MFA to anyone requesting access.
For now, users have a little time to settle into life with MFA for myWSU before the remaining applications implement the extra verification requirement later this spring. ITS encourages everyone to spend time navigating, testing, and finding the best MFA options for your individual needs. While the extra identity verification adds a few seconds to logging in, MFA offers protection from compromised credentials that are the root cause for more than 80% of data breaches.
WSU and Information Technology Services are committed to protecting our community of users and MFA offers some of the best security available today.
Still need to set up your MFA?
MFA can be configured by visiting account.wsu.edu and selecting at least two of the following five options under Extra Verification; a minimum of one is required, and others will serve as backups during non‑business hours when support staff are not available to assist.
OKTA VERIFY MOBILE APP
Two options include either a code that changes every 30 seconds, or a push method, to approve authentication
GOOGLE AUTHENTICATOR MOBILE APP
A new code generates every 30 seconds
SMS (TEXT MESSAGE CODE)
A texted code will be sent to the user’s selected mobile device
An automated message providing a 5‑digit code will be delivered to the user’s selected mobile device or desktop phone
FIDO Certified USB SECURITY KEY
This device, similar to a flash drive, inserts into a USB drive
Continued MFA implementation schedule
- Other WSU applications already using the new SSO system will have the opportunity to add MFA beginning in spring 2020.
- Workday, the new business system for managing WSU finance, human resources, payroll, and grants management, will also utilize MFA immediately upon launch in July 2020.