OIT News

NC State requires Google 2-Step and Duo to log in to systems and accounts

By Rhonda Greene

Strong passwords alone are simply not enough to thwart phishing attacks, which can lead to compromised accounts and exposed university data. But when combined with other security measures such as two-factor authentication, a two-step login process, they provide better protection.

Beginning Tuesday, Oct. 31, 2017, NC State will require all employees to use both Google 2-Step and Duo 2-Factor Authentication to access most web-based university systems and accounts.

Two-factor authentication (2FA) methods like Google 2-Step and Duo add an additional layer of security when a user signs in to an account. Once the user activates this security measure, the user will be required to log in with a password and an additional security measure (e.g., a security code that is delivered to a mobile device via text or mobile app, a USB security key or backup codes).

Effective Tuesday, Oct. 31 , 2017, all university employees will be required to use both:

  • Google 2-Step Verification for
    • their Google Apps @ NC State account.
    • any Google generic accounts on which the employee is listed as an administrative or technical contact.
  • Duo Two-Factor Authentication for university web applications that require Shibboleth logins.
    (e.g., MyPack Portal, Moodle, PeopleAdmin).

To meet the Oct. 31 deadline, OIT will approach the implementation in phases, working with colleges, divisions and units to develop timelines for their employees. In the next phase, employees with significant access to Ultra-sensitive or Purple data (e.g., Social Security numbers, credit card data) who have already enabled Google 2-Step will be required to enroll in Duo Two-Factor Authentication. They will be contacted in January and will have a deadline of Monday, Feb. 27 to enroll.

Open enrollment/activation for:

  • Google 2-Step Verification is available now.
  • Duo Two-Factor Authentication will be available on Monday, Jan. 23, 2017.

Employees who choose to enroll ahead of the units’ implementation schedule will need to refer to material provided at Two-Factor Authentication at NC State or contact their IT staff for support and questions.

For more information about this requirement, employees should contact the NC State Help Desk at help@ncsu.edu or 919.515.4357 (HELP) Monday through Friday from 8 a.m. to 5 p.m., excluding campus holidays. This information is also available via SysNews.

As a general reminder, NC State University will never ask for passwords or security codes. Please do not share them with anyone.