Aug 09, 2018 The University of Alabama in Huntsville needs to improve its security for logging into web-based applications and classroom podium computers. We will soon incorporate two-factor authentication for applications such as Banner, MyUAH and Canvas. Two-factor authentication provides a second layer of security to any type of login, requiring extra information or a physical device to log in, in addition to your password. By requiring two different channels of authentication, we can protect user logins from remote attacks that may exploit stolen usernames and passwords. The factors may include: Something you know: A unique username and password. Something you have: A smartphone with an application to approve authentication requests or a hardware token. The reason that we need two-factor authentication is that we had at least two incidents on campus last year that showed how increasingly easy it has become for login credentials to be compromised. Many of the security breaches today involve compromised usernames and passwords. Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. Two-factor authentication prevents anyone but you from accessing your account, even if the individual knows your password. We will implement two-factor authentication during fall semester 2018 using Duo Security cloud-based software services. Duo Security utilizes two-factor authentication to ensure secure access to services and data. Learn more at https://guide.duo.com/. The two-factor authentication will change your login experience at UAH. When logging in to an application that is protected by Duo, you will still enter your username and password. After entering your login information, Duo requires you to complete a method of second-factor authentication to gain access to the application. Duo does not replace your password or require you to change your username and password. Think of Duo as a layer of security added to your pre-existing login method. More information on the rollout of two-factor authentication is coming soon. If you have any urgent questions about two-factor authentication, please reach out to the OIT Help Desk. The OIT Help Desk address is email@example.com.