2-Factor Authentication (2FA)

2-factor authentication (2FA), also known as multi-factor authentication, is an extra layer of security you can add to the login process to secure your accounts beyond just a username and password. 2FA takes something you know (e.g., password, pin number), something you have (e.g., cellphone, token) or something you are (e.g., fingerprint, facial recognition) and requires two of them to log in. Here at FSU, we use Duo 2FA for our applications, but there are other versions of 2FA you can enable for your personal accounts. Other common places where you may encounter 2FA are bank accounts and some social media profiles.

Types

Knowledge
(Something You Know)

Knowledge is the basic level of authentication we all know. This is either a password or identification number that grants you access to your account.

Possession
(Something You Have)

Possession is adding a level of security that involves something you physically own, such as a mobile device, tablet or special token. This is how Duo Mobile works. Your login is connected to a specific device that will send a push notification for you to confirm you are logging in. Some applications require you to enter an on-screen code or key to verify the push.

Inherence
(Something You Are)

Inherence is physically who you are, also known as biometrics. This could be a fingerprint or face scan through your device that grants you access.

Warning Signs

 

Unrequested Notification

If you get a request from Duo or any other 2FA application and are not trying to log in, do not accept the request. 2FA is here to protect your account. If you accept requests you did not ask for, you could be letting in a hacker.

Tips

 

If you are not actively logging in, do not accept a push notification

 

Do not use “remember me” functions on shared devices

 

Enable 2FA on all accounts where it is available

 

If your 2FA is device dependent, make sure you have a backup authentication method in case you lose your device

 

Enable Duo Restore on your device to automatically back up your account to a new device

Resources

2FA at FSU

Get all the details about 2FA at FSU and manage your devices

More 

2FA Video

Learn more about 2FA and why it is important with this brief LinkedIn Learning video

More