2FA – IT Connect

Getting a new phone for the holidays? Don’t leave Duo behind!

Planning to upgrade your phone or get a new one as a gift this holiday season? Don’t forget one critical step: transferring your Duo multi-factor authentication account to your new device. Without a proper transfer, you could end up being locked out of SMU apps and services. Don’t worry—the process is straightforward, and we’re here to help you plan ahead to ensure a smooth transition when returning to campus. Here is how to get started: Continue reading Getting a new phone for the holidays? Don’t leave Duo behind!

Duo Verified Push Notifications Further Secure SMU Accounts

With malicious actors continuing to get better at exploiting weaknesses in security features, SMU will soon require a Verified Push from Duo Security to increase the protection of our push-based multi-factor authentication (MFA) solution and protect your account from unauthorized access. Continue reading Duo Verified Push Notifications Further Secure SMU Accounts

Enhanced Account Protection With New Duo Features

Later this month, OIT will enable several new features in Duo to provide additional account protection. The first three changes pertain to the device enrollment portal and add new designs, features, and protection. Continue reading Enhanced Account Protection With New Duo Features

Safeguarding SMU with Duo: New Anomalous Protection

Effective February 27, 2023, OIT will implement Duo Two-Factor authentication changes to our application. As mentioned in our recent newsletter, our campus has recently experienced a new cybercriminal threat where hackers attempt to access an account. This is accomplished by repeatedly attempting to send Duo requests until the end user approves the Multi-Factor Authentication (MFA) prompts. This method is referred to as “MFA Fatigue.” Continue reading Safeguarding SMU with Duo: New Anomalous Protection

Protect Yourself: Fighting MFA Fatigue

MFA Fatigue Last week, OIT notified the campus of a successful phishing campaign targeting the SMU community. In this campaign, we noted that cybercriminals had begun using a new technique where they repeatedly send Duo requests to users who have shared their username and password to annoy users into approving the two-factor request.

This technique, referred to as “MFA fatigue,” has become increasingly common, and over the next several weeks, OIT will begin implementing measures to combat this trend. In the meantime, we recommend you take the following actions if you notice something suspicious: Continue reading Protect Yourself: Fighting MFA Fatigue