UCA now requires students to use the Duo Security app for multi-factor authentication when logging into university resources, and the IT team says it will prevent future scams.

In an email, Chief Information Officer Trevor Seifert and Director of Program Tim Roach explained why and how UCA executed the switch to MFA.

More universities are implementing programs like Duo Security as a part of their security plans because it is “becoming increasingly easier for your password to be compromised either through phishing attacks, illegitimate emails, or malicious software on your computer,” the email said.

MFA prevents this by requiring one or more verification factors when logging in to your account.

Duo Security is also a leader in multi-factor security, and many of UCA’s peer colleges also require it.

The IT team said in the email that measuring the number of students hacked each semester is difficult because not all incidents are reported.

However, the team is working to reduce risk exposure from credential theft and phishing.

“The rollout of MFA is not in response to any known attempt of unauthorized access to the university’s data,” said the email.

The most common way hackers compromise passwords is when students use the same password on several platforms.

“Having a strong password is the first step,” said the email. “But protecting that password and utilizing a second authentication goes a long way in protecting your personal information.”

The IT team phased the program in starting with staff members in the spring of 2022 and faculty in the fall.

According to the email, the process is relatively simple and only takes a few seconds, depending on your secondary device.

This means that in order to log in to UCA websites, users must use a personal device, such as a cellphone, to enter a code sent to their device.

“The pros of MFA are that it provides additional security measures beyond passwords at an individual level,” the email said. “It uses something that many people have (cellphones) or a device (hardware token) that is provided at no cost to the student.”

When asked about any specific cons Duo Security may have, the IT team said, “There are not many downsides to using MFA other than it is an additional step to get fully logged in to certain UCA applications for the student.”

Students can contact the IT Help Desk at [email protected] for help or they can visit the first floor of the Mathematics-Computer Science Technology building on campus.

Students should contact IT or UCAPD immediately if they suspect they were hacked or had their information stolen.