Effective February 27, 2023, OIT will implement Duo Two-Factor authentication changes to our application. As mentioned in our recent newsletter, our campus has recently experienced a new cybercriminal threat where hackers attempt to access an account. This is accomplished by repeatedly attempting to send Duo requests until the end user approves the Multi-Factor Authentication (MFA) prompts. This method is referred to as “MFA Fatigue.”
As a reminder, when you click “Deny” for Duo, you can report a suspicious login on the application and are strongly encouraged to change your password immediately.
The key changes we are implementing in February will decrease the number of failed Duo pushes before the account is locked and provide an automatic unlocking feature after a specified timeframe. We are also adding anomalous protection, which prohibits users from attempting to use MFA at the same moment as another MFA authentication request.
Please remember to help us safeguard our campus by reporting any suspicious activity to the IT Help Desk at help@smu.edu or 214.768.HELP.
