UW-Madison introduces of MFA to further secure personal information

Multi-factor authentication process will be implemented at UW-Madison in order to create a safer online experience for students and staff.

In addition to the original login process, UW-Madison is adding a second verification process — multi-factor authentication (MFA) — to strengthen digital security usually used in many businesses.

This process is an additional step that is utilized by a smartphone or token (also called a fob) to verify personal identity and takes no more than a few seconds to complete. MFA also provides an extra layer of protection and prevents breaches of both student and faculty login information.

A breach at the University of Central Florida caused a loss of 60,000 identities, and at the University of Maryland, a cleanup effort is underway following a breach cost over $6.2 million.

“MFA will prevent us from having the same risk exposure as companies that were breached,” Lisa Bender from the Division of Information Technology said.

According to UW System Administrative Policies 1030 and 1031, the university needs to establish minimum authentication standards to “safeguard account-based access to information” and has to “manage data in a consistent and appropriate manner.”

Bender said the system is not fully implemented yet.

“We have begun to roll out the service by school, college and division to faculty and staff – including full-time employees who are also students,” Bender said. “The goal is to complete the rollout to all UW–Madison employees by March 2019. All students enrolled in degree programs, including student employees, will be brought on board by the end of 2019.”

For more information of the MFA system, a free panel will be held by Duo Security at the Computer Science building on Oct. 18.