Back to Announcements

Multi-factor Authentication Rollout for Students

Students, LITS, Campus Advisory posted

LITS has entered the third phase of Multi-factor authentication (MFA) implementation and will begin enrolling students this month

Trinity College’s Library & Information Technology Services (LITS) has entered the third phase of Multi-factor authentication (MFA) implementation and will begin enrolling students in March 2022, with a target of having all students registered by the end of spring semester 2022.

MFA — a security measure that requires something users know, such as a password, and second-factor users have, like a mobile phone, to log in to an account — has been available to Trinity students, faculty, and staff since Spring 2021, when LITS implemented Microsoft SSO, a cloud-based Single Sign-On access management platform.

Over the course of a year-long targeted enrollment campaign coordinated by the Information Security team within LITS, all college employees were registered for MFA. Now, after a successful year spent focused on faculty and staff, LITS is turning its attention to securing the accounts of Trinity College students.

“Passwords can be cracked, stolen, or given away,” said LITS Information Security Lead, John Inghilterra. “Good secondary factors like a mobile phone authenticator app or a single-use code delivered through a text message are much more resilient to attacks, which is why Multi-factor authentication is so important to safeguarding Trinity College’s students and their accounts.”

This spring, students who have not already enrolled in MFA will receive a “setup Multi-factor authentication” email over the course of March-May. To activate MFA, students should click the link, which will open a browser requesting additional information. At this point, you would add your second-factor authentication methods.

Once registered, students can activate and edit their preferred MFA security factors, which include the Microsoft Authenticator app, text messages, phone calls, YubiKey tokens (a device similar to a USB drive), and a 3rd party Authenticator app such as Google Authenticator.

The Microsoft Authenticator app allows users to be sent a push notification — with approve and deny buttons that appear in the app whenever an account login is attempted — or a one-time use code. Text messages, voice calls, and Google Authenticator also provide a one-time code to be used during each login attempt. YubiKey tokens can be linked to student accounts and plugged into a USB port to gain account access.

Students are strongly encouraged to set up more than one form of verification!

“We encourage all college users to activate as many additional factors as possible,” said LITS Director of Constituency Services, Ann Marie Krupski. “Activating multiple factors ensures that even if someone’s usual method of authenticating is unavailable like their cell phone isn’t charged or they left their Yubikey at home, they will still be able to access their information.”

Once MFA is enabled, students will be prompted to use their additional factor of choice when signing in to their college account. When logging in on personal computers and devices, students can select a “Remember This Device” option to skip the MFA step when using a specific web browser on that device in the future. This option should not be used on shared or public-use computers and devices. Clicking this box does not guarantee that you will not be prompted. There are other conditional access variables that MFA accesses in order to bypass the second-factor request.

In addition to enrolling in MFA, students are encouraged to add an additional email address. Along with your Multi-factor authentication methods, your personal (3rd party) email can be used as a password reset method. Setting up as many authentication methods during the MFA enrollment process means you can conveniently reset your password at any time without assistance.

LITS intends to have all students registered for MFA by the end of spring semester 2022. Students who do not enroll on their own by the end of the semester will be automatically required to set up MFA upon signing in to their account.

 

Need More Assistance?

Any students seeking assistance with MFA enrollment or experiencing challenges with logging in after enrolling should contact the Library & Information Technology Desk at [email protected] or (860)-297-2007.