Off-campus access to Office 365 is now secure with two-factor authentication
In today’s cyber threat landscape, static login credentials using only a username and password are no longer sufficient to protect our systems and data. About 80 percent of confirmed data breaches involved weak or stolen passwords, according to Verizon’s Data Breach Investigations Report.
Two-factor authentication (2FA) is considered a best practice for preventing malicious intruders from accessing online resources using stolen or hacked passwords, such as those obtained via phishing attacks or malware.
2FA requires the user to have two out of three factors of authentication to ensure that they are who they say they are before accessing their account. The three factors are:
- Something you know: such as a password, PIN or a pattern
- Something you have: such as a mobile phone, tablet, landline or hardware token
- Something you are: such as a biometric, like a fingerprint or voice print
Beginning Wednesday, March 6, faculty, staff and student employees who log in to Office 365 from a non-university network through a web browser will be prompted for 2FA with DUO Security.
2FA with DUO will add a dynamic component to Office 365 browser log ins by requiring two factors of authentication: something you know (password) and something you have (a registered device with DUO). If your password is compromised, these layers of authentication will protect University data in the My UT Health Intranet, SharePoint Online, OneDrive for Business and other Office 365 applications. You will be alerted immediately with 2FA on your registered device if someone is trying to log in as you.
Please Note – Employees will not be impacted by this change when they are connected to the university’s network by: joining HSCwave or HSCguest, having a wired Ethernet network on campus or using the university’s Virtual Private Network (VPN) from off campus.
For more information, see the attached flyer: FAQs for Securing Office 365 with Two-Factor Authentication. If you have questions, contact the IMS Service Desk at 210-567-7777 or email Infosec@uthscsa.edu