OIT News

NC State requires mandatory 2FA for Google Apps and Shibboleth logins

By Rhonda Greene

NC State University requires all employees to enroll by Oct. 31, 2017 in both of its two-factor authentication (2FA) solutions — Google 2-Step and Duo — to access most web-based university systems and accounts. Those affected are faculty, staff, student employees, and no-pay employees, including retirees.

You can and should enroll NOW to protect your personal and university data assets against phishing attacks.

Two-factor authentication adds an additional layer of security when you sign in to an account by requiring you to log in with a password and an additional security measure (e.g., a security code that is delivered to a mobile device via text or mobile app, a USB security key or backup codes). This two-step login process prevents up to 98 percent of phishing attacks.

On Oct. 31, you will be required to use both:

  • Google 2-Step Verification for your Google Apps @ NC State accounts, including Google generic accounts for which you are listed as an administrative or technical contact.
  • Duo Two-Factor Authentication for university web applications that use Shibboleth authentication (e.g., MyPack Portal, Moodle, PeopleAdmin).

To ensure campus employees meet the Oct. 31 deadline, the Office of Information Technology (OIT) is:

  • encouraging self-enrollment now.
  • working in a phased approach with IT staff in colleges, divisions and units to develop timelines to enroll their employees. Contact your local IT staff to find out when your unit will be enrolled. OIT will offer custom 2FA classes to campus units as well as general classes for campus on a monthly basis.

Self-Enrollment & Support

  • Follow the enrollment instructions and support documentation on the Two-Factor Authentication at NC State website.
  • For additional support:
    • Attend a 2FA class for campus. To register, visit Classmate.
    • Contact your local IT staff.
    • Contact the NC State Help Desk at help@ncsu.edu or 919.515.4357 (HELP) Monday through Friday from 8 a.m. to 5 p.m., excluding campus holidays.

Enrollment Reminders
You need to enroll in both Google 2-Step and Duo. Starting in late spring, if you have not enrolled in both, you will receive email notifications on a regular basis to remind you to do so.

As a general reminder, NC State will never ask for your password or security codes. Please do not share this information with anyone.

Please check SysNews for more information.