By Iris Shipley, Grace Prust, Ashley Harrison & Rianna Jones
The University of Wisconsin Green-Bay (UWGB) has implemented new tech security measures on campus when logging into any campus online resource.
In the last year, UWGB has seen some changes in how students, faculty, and staff log into Canvas, Student Information System (SIS), and any other campus application where sensitive information may be held. One of the new security measures implemented is Multi-Factor Authentications (MFAs). According to the U.S Cybersecurity & Infrastructure Security Agency (CISA), Multi-Factor Authentication (MFAs) is “a combination of two or more authenticators to verify your identity” before an individual is allowed access to the service or website they are trying to access.
At UWGB, this authentication includes using the password for your account and authentication from Microsoft. Some students and staff use an app that gives a two-digit number response, while others have a code sent as an SMS message.
Students have had their share of concerns and complaints since the university-wide implementation of multifactor authentication. UWGB senior Marissa Vanderkoi acknowledges that online safety and security are important for campus logins but says MFA has its drawbacks. “It [MFA] makes it hard for students who can’t access data or wifi. The text messages don’t always come through. It sometimes can take up to ten minutes.”
Many students find the new policy to be a nuisance because of the frequency and how it could be a possible problem in the classroom. Marissa Vanderkoi brings up more concerns about trying to login during classes, saying, “My friends have had issues with their professors not being able to show lectures because they didn’t have their phones.”
Professors have used the MFAs for university logins longer than students have, and many have similar complaints. Professor Bina, associate teaching professor in Communication, says, “It is a bit of an inconvenience, especially the constant Canvas authentication logins. However, if it protects sensitive data, it’s necessary, especially on SIS, where personal information is stored.”
One thing Professor Bina would change, if she could, would be to ensure that the “remember me” box works. Individual logins, such as the university email, have a box under the authentication notification named “Remember me” that allows the user to bypass the authenticator for 14 days. However, many students and Professor Bina have expressed that this box often does not work, causing users to constantly login, even in a short timeframe.
Interim Chief Information Officer Michael Bubulz at UWGB says that multi-factor authentication was implemented at the university after a UW-System security audit to “better protect accounts from being used by unauthorized parties.” Bubulz continues to explain that MFA is an “industry standard,” and students likely use it for applications like online banking as well.
Bubulz suggests going to the UW-Green Bay MFA website to learn more information about logging in without a phone, reasons for implementation, and other concerns. For other possible issues, they recommend contacting the GBIT service desk at (920) 465-2309 or email at email@example.com.
CISA. “More than a Password.” America’s Cyber Defense Agency, edited by CISA, Cybersecurity and Infrastructure Security Agency, 2022, www.cisa.gov/MFA#:~:text=Multifactor%20authentication%20(MFA)%20can%20make,Two%20Step%20Authentication.
“What Is Multi-Factor Authentication (MFA) and How Does It Work?” OneLogin, One Identity, 2023, http://www.onelogin.com/learn/what-is-mfa.