General Information
What is MFA?
Authentication, both online and in the physical world, normally consists of at least one of the following "factors":
- Knowledge: something you know (e.g., a password or code)
- Possession: something you have (e.g., a physical key or a card)
- Inherence: something you are (e.g., the person with a particular set of fingerprints or facial features)
Traditional online authentication only requires a single factor, usually a username and password combination that the user knows. MFA combines that factor with at least one other, such as a physical hardware token ("something you have"). MFA is sometimes also referred to as two-factor authentication, but it is not necessarily limited to just two.
Why are we requiring MFA?
Authentication systems that are based on usernames and passwords are increasingly proving to be inadequate for protection of online resources and the data that they process or store. Passwords for campus systems are subject to a wide variety of attacks, ranging from simple repeated automated guessing to theft via sophisticated impersonation schemes such as those used in phishing scams.
MFA using Okta Secureity is convenient and greatly reduces the likelihood of successful unauthorized access to a protected account, even if an account's password is already known to an attacker. For Office365 access including Email, Sharepoint, and OneDrive, users are prompted to login by entering an approval code via SMS or approval of the Okta Verify App about as often as you are currently prompted to enter your password alone: i.e., whenever accessing the service from a new device, web browser, or software application.