Two-factor authentication (2FA), which was expanded last spring as part of Northeastern’s ongoing efforts to protect personal and institutional data, has already made a difference in keeping members of the university community safe online. Northeastern went from having multiple compromised accounts at all times to virtually none.
“This has drastically cut back on the damage that malicious actors are able to do, particularly through phishing emails,” says Megan Perkins, Information Security Manager.
Want Duo to Remember You?
One feature that makes Duo’s 2FA service even easier to use is the option to have it remember you for 30 days. However, if your device settings are set to automatically send push notifications, you may have to take additional steps to enable this option.
You can do this by denying prompts to verify your identity the next time you sign into a Northeastern service that requires it (including email, other Office 365 services, and sites that use single sign-on), or simply waiting until it times out—the Duo verification screen will return and you will be able to check the box.
You can also log into the 2FA device management portal, verify your identity with 2FA, and update your device settings to “Ask me to use an authentication method” under the “When I log in:” field.
Please note that this setting is available per device and web browser—meaning you will need to select the option on each device and web browser you use, as applicable. Also, certain web browser privacy settings (e.g., disabling cookies) may interfere with this setting.
2FA is among the easiest and most effective ways for individual members of the community to protect personal and institutional research, intellectual property, information, and systems—and it’s already seeing success.