NC State completes 2FA enrollment project

On Feb. 17, the Office of Information Technology (OIT) enforced the last student cohorts to enroll into the university’s mandatory two-factor authentication (2FA) solutions — Google 2-Step Verification and Duo Security

This act brought closure to the university’s mandatory student 2FA enrollment process and an ambitious initiative that began four years ago to enroll the entire university community. Google 2-Step and Duo are simple two-step login processes that allow users to log in securely to many campus technology services and to protect their personal and university data assets against up to 98 percent of all phishing attacks. Those who did not self-enroll were automatically enforced into 2FA and will be required to enroll with their next password change renewal.

Employee 2FA Enrollment

NC State University, like all institutions of higher education, is under constant attack from cybercriminals. To improve cybersecurity, in March 2017, NC State initially required all university employees — including faculty, staff, student employees, no-pay employees, and retirees to enroll in 2FA by Oct. 31, 2017.

Student 2FA Enrollment
Three years later, on Sept. 1, 2020, NC State began a process to enforce all students to use 2FA. Student cohorts were added throughout the fall semester by their academic standing, starting with graduate students. Those affected by this mandate included active undergraduate, graduate, distance education, and non-degree seeking students.

At that time, approximately 14,000 active student accounts were already enrolled in 2FA; many were required to enroll in the employee 2FA enrollment project.

Safer with 2FA
As of March 8, 2021, an additional 27,348 active student accounts have been enforced in Google 2-Step and Duo.

The student 2FA enrollment coupled with the employee enrollment project helped the university to build a line of cyber defense against the ever-increasing phishing attacks that target the campus community. Now, more than 79,000 student and employee accounts are protected by 2FA, and OIT continues to enroll new students and employees in 2FA on an ongoing basis.