Story by Dave Hoffman
In recent months and years, we have been reading about identity theft and hackers breaking into companies like Equifax, Home Depot, and Anthem Blue Cross/Blue Shield. These same hackers are attacking universities across the nation, and you have probably received suspicious emails phishing for your personal information.
To better protect the identities of our faculty, staff, and students, CSU will begin implementing two-factor authentication. This first phase will be restricted to anyone who logs in using the secure.colostate.edu portal and the Pulse Secure desktop or mobile client applications.
What is two-factor authentication?
Two-factor authentication better protects your identity by requiring you to identify yourself using two different methods: something you have plus something you know. You already use it to access your ATM (your ATM card plus your PIN). Many financial institutions now require something you know (your username and password) along with something you have (a cell phone or email address to receive a six-digit code) to validate your identity.
If you log in to the CSU computer network through Secure.colostate.edu or Pulse Secure, you may have already seen the pop-up message about DUO two-factor authentication on your screen. On April 25, two-factor authentication will be required to log in, so prepare yourself at some upcoming educational events.
How can I learn more about using two-factor authentication?
Visit the website www.authenticate.colostate.edu and attend one of the open forums; no registration required. All Open Forums will also be simulcast over the BlueJeans network — login information available on the website.
The first will be held on March 20, 1 p.m., in the Morgan Library Event Hall, followed by drop-in assistance by experts from ACNS, 1:30-4 p.m. in the Library Computer Classroom 173.
Other Open Forums in the Library Event Hall and drop-in assistance times are set:
April 13, Open Forum 9 a.m., drop-in assistance, 9:30 a.m.-noon, Classroom 174.
April 23-27, drop-in assistance 9 a.m.-noon, in Classroom 173, and 12:30-4 p.m. in Classroom 174.
Where else can I get help?
You can get help by calling the central help desk at (970) 491-7276, emailing firstname.lastname@example.org or by stopping by the help desk in Morgan Library.
At CSU, the something you know will be your ename and password; the something you have will be a phone or token.
When will this take place?
Beginning Wednesday, April 25, anyone using the secure.colostate.edu web portal or the Pulse Secure desktop or mobile client to connect to CSU will be required to use Duo two-factor authentication to complete their login.
How do I sign up?
You can start registering your second-factor device(s) beginning March 19, by clicking on the Sign-Up/Modify Devices button on the www.authenticate.colostate.edu website. You can register:
- Your smartphone (Recommended). You will need to download the Duo mobile app from your phone’s store before registering your phone. This will allow Duo to push a message to your phone where you can verify your identity by pressing on the green checkmark. You can also generate a six-digit code using the Duo App that can be entered as a validation of your identity.
- Any phone number. You can register your cell phone, desk phone, home phone, etc. and the system will call you to validate your identity.
- A hardware token. These can be purchased from RamTech for $23.75 and will generate a six-digit code that you can use.
Dave Hoffman is project manager for ACNS.