Multi Factor Authentication

Why is Multi Factor Authentication (MFA) important?

The CSU and Stanislaus State have the responsibility to protect the information we collect or create in the process of conducting the activities of the institution.

Advances in computing and threats are highlighting weaknesses of traditional username and password (single factor authentication). With sophisticated and targeted social engineering, malware, and network-based attacks the traditional username and password combination to assert and prove identity for access is no longer considered safe, secure, or best practice for access to sensitive information systems and data. By requiring more than just a username and password credential compromise becomes far more difficult than in the past.

For these reasons, the CSU is actively moving beyond just needing a username and password for access to level 1 data and the systems that host it. 

What is Multi Factor Authentication?

Multi factor authentication is a challenge/response form of authentication that relies on at least 2 factors to decide you are the owner of the identity you are claiming. We are all familiar with single factor authentication, the traditional username and password combination. MFA relies on something know, like a password, and something you have or something you are which is connected to your identity.  Something you have may be a phone or a code generating token associated with your account. Something you are may be a fingerprint, facial recognition scan, or iris scan; also known as biometrics. 

How does it work?

The CSU is using Duo Security as the provider of the MFA services. More information on Duo

Who needs to use MFA?

Individuals with access to sensitive data of others will need to use MFA to log into systems or services hosting the data. 

Where can I set up MFA?

You can enroll a device and enable MFA on your account by going to:

https://identity.csustan.edu/enrollmfa/

Log in with your Warrior ID and follow the steps to set up a device.

FAQ

What should I know or have before I start the enrollment process?

  • SMS capable phone, 
  • the Duo Security app, or 
  • a code generator token

Employees who do not have a phone capable of receiving SMS messages or running the app from Duo Security can get a code generating token issued by OIT.

What if I do not have an iOS or Android device?

SMS messages or a code generating token are alternative options to the Duo supported mobile device options.

How much does the app cost?

It is free for download and use.

Do I have to do MFA for everything?

With the CSU's continued focus on securing level 1 data and ensuring the security of business transactions once enabled on your account you will need to use MFA at all services that currently support it.

Which services support MFA?

All services using the Stanislaus State Warrior Sign In page, Employee VPN, Office 365, and CMS.

If I use the iOS or Android app can I use it for other services that support MFA?

Yes, there are other organizations and services that use MFA from Duo Security or support the one time PINs the app generates. You can use the app with those organizations or services if you would like.