What is 2-Factor Authentication (2FA)?
2-Factor Authentication adds a second layer of security when accessing UT accounts. When using 2FA, you’ll be required to use two different sources (factors) to verify your identity:
- something you know – your username and password, and
- something you have – a phone or passcode, to authenticate and gain access to an account. For example, this may be a smartphone or tablet using an app or a hardware token device.
We strongly recommend that you register at least two devices, a primary and a backup.
Why do we need 2-Factor Authentication?
Passwords aren’t getting the job done to protect the university and you against cyber attacks.
2FA boosts protection of your account from hackers. We are all used to having one layer of security — our password — to protect our accounts. With 2FA, if the bad guys have your password, they will still need your phone or passcode to get into your account. A recent phishing scam resulted in approximately 1,300 compromised accounts. 2FA will stop the use of UT accounts to create more scams which will result in fewer compromised accounts.
If you receive a verification request on your phone that you didn’t prompt, you’ll know that someone is trying to access your accounts. You will deny that request and then work with the OIT HelpDesk to reset your password and secure your account.
Protecting the University is a team effort
On our campus and at universities across the country, phishing emails are very common. All it takes is one person to click on a bad link and unknowingly share their credentials for a domino effect of compromised accounts to quickly proliferate across campus. 2FA can help keep bad guys out, even if they get your username and password through a phishing attempt.
Your credentials are valuable to criminals
When bad guys steal your username and password, they can lock you out of your account, and then do any or all of the following:
- Change your financial aid or direct deposit
- Pretend to be you and send unwanted or harmful emails to campus
- Go through — or even delete — all of your emails, contacts, files, etc.
- Use your work account to reset the passwords for any of your personal accounts that may use your UT email as the username (banking, shopping, etc.)
- and much more
The university has engaged Duo Security to provide two-factor authentication services.
There are three ways you can use 2-factor authentication to log in to your accounts.
- Duo Push (Preferred method)
Install the Duo Security Mobile app on your smartphone to receive push notifications. Once this is installed, and you attempt to login to UT applications, you’ll receive a push notification on your smartphone. Open the notification, and you’ll see a green checkmark and a red x. Simply tap the green checkmark to gain access. Using the Duo app also adds an extra physical layer of security to any smartphone with a passcode enabled.
Concerned about data usage? Duo Push uses very little data. 500 pushes to your device will use 1 MB of data in total. This is roughly equivalent to loading one webpage on your smartphone.
Use the Duo Security mobile app to generate temporary passcodes. This option does not require wifi or data, so this is a great option if you’re traveling or if you have limited or no cell/internet service. Open your Duo mobile app, tap the key icon, and it will reveal a passcode. Log into the application, choose the enter a passcode option, enter the code, and you’re in!
- Hardware Token
If you do not have a smartphone, you can request a hardware token from the OIT HelpDesk. The hardware token will generate temporary passcodes.