Georgia Tech Implements Two-Factor Authentication; Requires Student Adoption by October 2017
After successfully enrolling Georgia Tech faculty and staff in two-factor authentication, Georgia Tech Cyber Security is beginning to enroll students starting this semester.
Beginning October 16, all on-campus credit-seeking students at the Atlanta campus will be required to use two-factor authentication using the Duo app when accessing most Georgia Tech systems and services.
If you are among those students needing to enroll in two-factor authentication by Oct. 16, you should already see an alert each time you log in to the Georgia Tech system using your username and password. Georgia Tech systems include T-Square, Buzzport, email, and Passport, among others. Students not enrolled by the October deadline will be locked out of systems and services on campus.
“Our faculty and staff have been using two-factor authentication with much success,” said Jimmy Lummis, chief information security officer with the Office of Information Technology’s Cyber Security. “Many students are already enrolled, and we need to bring our remaining students on board.”
The Office of Information Technology began deploying two-factor authentication for faculty and staff early last year as part of a two-year project to adopt two-factor authentication to better protect students, faculty, and staff and their data from future cyber risks.
“Georgia Tech is advancing its strategy to protect entrusted data by implementing multifactor authentication. The approach is accepted as standard practice in environments with sensitive data such as financial institutions, defense organizations, and health care providers,” said the Institute’s Interim Chief Information Officer and Vice President for the Office of Information Technology Mark Hoeting.
What is two-factor authentication, the Duo app, and how does it work?
Two-factor authentication uses two pieces of information to establish your identity when you are trying to access a service. Your first factor is something you know, such as your password. Your second factor is something only you have, such as your mobile phone. If your password is stolen, a cybercriminal would need your second factor to access your data. Georgia Tech has partnered with Duo Security to use their Duo app as the tool to enable two-factor authentication to work. The app allows you to choose the type of authentication method that works best for you: a push notification sent to your device, a generated code each time you log in to a site, or another device such as a telephone to call you when two-factor is activated.
How do I enroll?
Once you’ve downloaded the app, you can complete your enrollment by seeking out a friend who is already using two-factor authentication. This is your “web of trust” and requires you to show your Buzzcard and GTID to a friend to prove you’re a legitimate Yellow Jacket. Additionally, you can enroll at the Technology Support Center, Clough Commons, Room 215, or if in a residence hall, with one of the Wreck Techs.
I’ve been enrolled. Now what?
Once you’ve enrolled in two-factor authentication using Duo, in addition to using your usual username and password to log in, you will need to authenticate your identity before accessing protected sites. When you log in to these protected systems, you will need access to your device(s) with the Duo app, or a telephone that you have configured for this purpose.
For more information, go to the two-factor authentication website at twofactor.oit.gatech.edu.