Stolen account access is one of the most common ways individuals, institutions, and organizations become vulnerable to cyberattacks. Scams targeting account compromise (gaining unauthorized access to NetIDs and passwords) are a frequent and ongoing threat at Northwestern and everywhere, but there’s a simple way we can shield against them.
Among the many tools the Northwestern Information Security Office employs to keep accounts secure, one of the very best, is the use of Multi-factor Authentication (MFA).
Duo powers Multi-factor Authentication at Northwestern. The Duo system acts as a gatekeeper, using two separate checkpoints to verify your identity:
- Something you know (your NetID and password)
- Something you have (a pre-registered device to which an access code can be sent and confirmed)
By using these checkpoints in tandem, the Duo system protects you against unauthorized account access even if someone learns your NetID and password.
Suppose at any time you receive a prompt on your Duo registered device requesting that you verify an access request that you have not made. In that case, you can deny the request and block the unauthorized access attempt—even if another party is using your correct NetID and password. Duo MFA’s dual layer of protection will keep your account and all the personal and University data it might open the door to, safe.
Northwestern University provides Duo Multi-factor Authentication as a small additional step at login that goes a long way in preventing unauthorized access. Northwestern IT recommends downloading the Duo app (for iOS or for Android) and selecting the “push” notification type for a fast and easy one-touch solution on your mobile device of choice. While a “push” notification is the best option for the vast majority, some usage scenarios will call for other available notification types.
If you need help getting started with Duo, read this Northwestern IT Knowledge Base article.