Written by Sara Hook and Emma Jones // Graphic by Cooper Turman
DormNet announced last week that the University is requiring all students to use multi-factor authentication (MFA) beginning this fall, in an email sent to students April 11.
MFA has been required for employees since fall 2021, according to an article from The Bison on Sept. 30, 2021. Chief information officer Keith Cronk said the next phase is requiring it for students.
“There is no specific incident that prompted the implementation of MFA for students,” Cronk said. “This is something that needs to be done to help prevent potential cyber security breaches that could expose student information to bad actors.”
There has been an increasing number of cyber security breaches at schools, Cronk said, and some of those schools have been close by. Five colleges in Louisiana had to shut down their internet to address security last December, and in November 2022 the Little Rock School Board authorized paying a ransom to end a cyberattack.
“This has happened to other universities around the world,” Cronk said.
MFA is not a new concept and has been used for decades in banks, hospitals and many other places that handle sensitive documents. Cronk said one difference at Harding is the use of an authenticator.
“We are using the Microsoft authenticator because we use the Microsoft system to log in to our accounts,” Cronk said. “This involves adding an app to our phones. After the initial setup, it is really quite simple. It is also quicker than waiting for a text code and then entering that code.”
Junior cybersecurity major Nathan Collier said while many students may not understand the need and many professors get frustrated with the system, it is important.
“I do think that it is a very necessary precaution,” Collier said. “MFA may take just a few more seconds to log in to Canvas or Pipeline, but it makes it that much harder for a would-be attacker to gain access to someone’s account.”
In the future, MFA will be required for alumni accounts as well, according to the DormNet email. The goal is to have every harding.edu account using MFA by the end of 2023.
“I think that it will continue to become more widespread because account usernames and passwords are being sold and bought for malicious purposes,” Collier said. “These accounts can have user data that can leave someone vulnerable to identity theft and other various cybercrimes.”
In the meantime, MFA is available for students to opt in, and any questions can be answered by the DormNet Help Desk at 501-279-4545.
“It’s not complicated and will only take a few minutes,” the email said. “DormNet is here to help you get it set up.”