[ skip to content ]

Toggle Mobile Menu

News @ ODU

More Information about this image

You Visit Tour. Webb Lion Fountain. June 1 2017. Photo David B. Hollingsworth

ODU Will Require Two-Factor Authentication to Access Accounts

Old Dominion University receives thousands of phishing emails each year, and 10 to 30 percent of phished accounts become compromised, according to Doug Streit, ODU's chief information security officer.

Hongyi "Michael" Wu, professor of electrical and computer engineering, said that the Verizon 2016 Data Breach Investigations Report shows that 63 percent of confirmed data breaches involved weak, default or stolen passwords.

These are just two reasons why ODU will require two-factor authentication starting in November.

"Two-factor authentication is a proven technology that adds further security to the login sequence. Many other organizations have adopted or will soon adopt two-factor authentication," said Wu, who was an early adopter of two-factor authentication.

Two-factor authentication adds a layer of security to online accounts by requiring users to provide a second form of digital identification in addition to a standard user name and password.

Considering that a MIDAS ID and password provide access to most ODU services, a single compromised account poses a notable risk to ODU systems and personal information.

"Last year, a student's email account was compromised and used to send a job scam out to thousands of ODU students. Several of those students responded to the job scam, and at least one resulted in a police report," Streit said.

When accounts are protected by two-factor authentication, scammers who are able to steal MIDAS passwords hit a wall when they're asked for a second form of identification.

"Phishing and job scams will still be possible," Streit said, "but it will be much more difficult to initiate them from odu.edu email addresses."

Enrolling in two-factor authentication

Faculty and staff can enroll in two-factor authentication between now and November, at which time it will be enforced for all faculty and staff accounts. Students and other University affiliates have until spring 2019 to enroll.

Complete enrollment instructions are found at www.odu.edu/two-factor.

Using two-factor authentication

After enrolling, users will log in to Monarch-Key services (including myODU, Blackboard and Leo Online) with a MIDAS ID and password. They will then have to confirm their identity with a second authentication method.

Verification takes just a couple of seconds. Most users will use the Duo Mobile app to send a push notification to their personal mobile device. Other options include hardware or software tokens that generate single-use passcodes.

"So far, over 1,000 employees have enrolled in two-factor authentication at ODU," Streit said. "Many have told me that they appreciate the added protection."

Representatives from Information Technology Services (ITS) will be available at several events across campus in the next few months to increase awareness and assist with two-factor enrollment. Visit www.odu.edu/two-factor for upcoming events and other helpful tips.

Related News Stories

Hands Typing on Computer

$2 Million NSF Grant Supports University’s Cybersecurity, Resilience, and Data Science Programs

The National Science Foundation recently awarded Old Dominion University a grant totaling more than $1.5 million with additional University matching funds of $644,741. (More)

President Broderick, Larry Atkinson and Elizabeth Smith at the Oceans 12 Conference

Local Business with ODU Ties is MIT Solve Challenge Finalist

Norfolk-based company wins $10,000 in funding at MIT Solve Challenge competition. (More)

Luke Downing

Perry Honors College Alum to Speak to Students on Oct. 11 as Part of "Real Talk" Series

Luke Downing co-founded the Norfolk-based IT company Mode5 a year after his 2001 graduation. It now has 27 employees and hundreds of clients. (More)