Featured, OIT News

It’s time to 2FA!

By Rhonda Greene

As a matter of fact, Tuesday, Oct. 31 is Halloween and cyber ghosts and goblins are real.

Oct. 31 — exactly two weeks from today — is also the deadline that all NC State University employees, including faculty, staff, student employees, no-pay employees, and retirees, are required to enroll in both:

  • Google 2-Step Verification for NC State G Suite accounts.
  • Duo Security for university web applications that use Shibboleth authentication, including MyPack Portal, Moodle and PeopleAdmin.

On Halloween and every day of the year, cyber criminals wait for an open invitation to trick you into releasing your personal or confidential data — social security numbers, bank accounts, usernames, and passwords for their personal gain. To protect against numerous cyber threats and unauthorized access to data, employees must turn on these simple two-factor authentication (2FA) processes that will enable them to log in securely to many campus technology services and prevent up to 98 percent of phishing attacks.

While a majority of employees have enrolled in 2FA, many have not. Seventy-nine percent of approximately 25,000 employees have enrolled in Google 2-Step, and 72 percent have enrolled in Duo.

If you do not enroll by Oct. 31; you will:

  • be locked out of your G Suite account and campus services that use Shibboleth on Nov. 1.
  • have to contact the NC State Help Desk to get access to your G Suite account.
  • be forced to self-enroll in Duo before you can access applications that use Shibboleth authentication.

Regaining access to campus services could take weeks, depending on the number of university employees who also will need the help desk to unlock their accounts.

If you are a supervisor, please encourage all of your employees, including temporary and student employees and graduate assistants, to enroll in Google 2-Step and Duo as soon as possible.

To enroll, follow self-enrollment instructions via the Two-Factor Authentication at NC State website. You may also attend a Two-Factor Authentication enrollment workshop, drop-in event or online question-and-answer session listed on the Cyber Security Awareness Month website.