Educause Security Discussion mailing list archives
Re: a few more 2 factor authentication questions
From: "Haselhoff, Brent" <brent.haselhoff () WKU EDU>
Date: Thu, 20 Jun 2019 20:57:44 +0000
We don’t have licenses for students, but for the systems we have Duo enabled, we require it for employees. We didn’t consider an opt-in approach. I have a feeling that the folks that are most likely to have weak passwords or fall for phishing wouldn’t sign up if we did. We considered not requiring MFA while on-campus, but ultimately decided to require it from everywhere in order to give folks the same experience on-campus as off-campus. We allow folks to “remember this device” for 30 days. Brent Haselhoff Manager, IT Security and Identity Management Western Kentucky University brent.haselhoff () wku edu<mailto:brent.haselhoff () wku edu> 270-745-2012 From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Schnitzer, Lawrence Sent: Thursday, June 20, 2019 3:34 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] a few more 2 factor authentication questions ** This message originated from outside WKU. Always use caution following links. ** We're in the infancy of rolling out Duo for 2-factor at the University at Buffalo and are pondering policies. I'm wondering what other edu's are doing for the following: * For the systems that use 2-factor (once we install it on shibboleth that will be most of our systems) is it mandatory for all faculty, staff, and students? Maybe an opt-in approach? * If you auto enroll everybody is there an opt out process? * Do you require 2-factor regardless of a user's location? (It's been suggested that we don't require from on campus networks.) * How often do you require 2-factor? Every login? Once per day or week, etc.... Thanks. -Larry -- Larry Schnitzer Director Enterprise Infrastructure Services University at Buffalo
Current thread:
- a few more 2 factor authentication questions Schnitzer, Lawrence (Jun 21)
- Re: a few more 2 factor authentication questions Haselhoff, Brent (Jun 21)
- Re: a few more 2 factor authentication questions Telfer, Will (Jun 21)
- Re: a few more 2 factor authentication questions Francisco Chavez (Jun 21)