UW Information Technology

2FA Reduces Security Risks

Two-factor authentication (2FA) is the best way for the UW to protect our data systems from phishing scams and other methods of identity and data theft. This includes protecting data in Workday, our new human resources and payroll software system.

In 2016, over 250 phishing messages were reported to UW-IT. Each phishing message is usually sent to thousands of UW email addresses. These messages are increasingly used to target users for the purpose of tax fraud. Unfortunately, over 3,700 UW NetIDs were compromised and disabled last year.

Two-factor authentication (2FA), using a new service called Duo Security, adds a second layer of security when signing into certain systems that require a UW NetID. Normally, identity is verified with a password, but verifying with a second factor, like a smartphone or security token, helps prevent anyone but the owner of an account from signing in, even if they know your password.

The University has used 2FA for years. Now we’re expanding our use to more systems and using Duo Security as our vendor.

Enrollment for Duo starts in April 2017 and is required to use Workday.

For more information or to enroll visit the 2FA website.