Multi-factor authentication became a requirement for Western Washington University accounts on Tuesday, Jan. 31. Often referred to as MFA, multi-factor authentication requires users to confirm their identity through multiple methods when signing in to an online account, protecting it from online scams or attempts to steal personal information.
“These prompts often take the form of a text message sent to your phone,” said John Farquhar, director of Academic Technology and User Services at Western. “But [MFA] can include other forms of verification such as confirming your identity with an authentication app.”
ATUS recommends students download and use the Microsoft Authenticator App. This app allows students to connect their Western accounts to a second wall of security without greatly increasing the amount of time it takes to sign in.
Anyone with MFA established on their account will receive a message if someone other than themselves tries to access their account and can deny the sign-in attempt, preventing any harmful actions.
“Cybersecurity is part of student safety,” said Chris Miller, director of enterprise infrastructure services. “Many passwords can be guessed or cracked by bad actors, and people can be tricked into giving up their passwords by clicking on links they think are safe.”
ATUS has noted an increase in the number and sophistication of phishing attacks involving Western accounts. Phishing is a form of cyber attack where emails disguised as official messages attempt to reel in personal information from the people who receive them.
According to Farquhar, Western’s information security office halted 174 phishing incidents in the last six months, resulting in the removal of 135,588 phishing emails from Western accounts.
“Implementing MFA while classes were being taught remotely would have been more challenging,” said Farquhar. “Now that classes have returned to in-person, many colleges and universities have decided to no longer wait.”
Some students at Western are aware of online attacks and attempts to steal their information and are prepared with extra protection from technology like MFA.
“I definitely have gotten some weird almost ad-like emails on my student account that just seem very strange,” said Megan Reynolds, a fourth-year student at Western. “I think it’s good to have some extra security for our accounts in case some people just assume those are regular scholarly emails.”
Students like Reynolds are appreciative of the protection MFA provides, even if it is slightly more troublesome.
“Sometimes it’s a little annoying for more simple things,” said Reynolds. “But I think I would take being annoyed over having my account compromised.”
Allowing a hacker to access your online account can harm others around you, not just yourself. Hackers can perform hurtful actions that have your name stamped on them.
“We are helping reduce the risk of [students’] identities or paychecks being stolen,” said Miller. “We’re reducing the chance that a student account could be hacked and used to send illegal or harassing messages to other students.”
When it comes to online messages with your name, the person receiving those messages will likely have no idea it’s not actually you talking to them. They will not know who’s behind the curtain, and you likely will never catch the culprit or understand what has happened until it is too late.
MFA is a crucial piece of security that will prevent these scenarios from happening. For further questions on what MFA is about and how it can help you, make sure to check out the ATUS website.
Ben Stainbrook (he/him) is a campus news reporter for the The Front during the 2022-2023 winter quarter at Western. He is a second-year student and is planning to major in visual journalism. Away from reporting, he enjoys taking photographs, playing games and making music.
You can message him @firstname.lastname@example.org