Passwords are a thing of the past (Safeononweb.be) 1:11
Multi-Factor Authentication (MFA) is an authentication method in which you must successfully complete at least two steps (factors) to gain access. These factors could be something you know (your username and password), something you are (such as your fingerprint, facial recognition or iris scan), something you have (such as hardware tokens or the device you are working on) or your location (you can only access from a specific location).
The VUB opts for two-factor authentication (2FA), MFA with 2 factors/steps. In the first step you enter your username and password. In the second step you have to perform an additional action. This can be entering a second key, for example, a received SMS code or a code received or created by a linked app on your smartphone, or merely confirming the login request on such a linked app.
In the majority of cyber-attacks, some even suspect in 95% of cases, weak or stolen credentials are exploited. The most efficient defense against this is 2FA. If your password is compromised, the cyber criminal cannot immediately misuse your password because it also needs the 2nd factor.
This also brings compliance with legislation closer. For example, the General Data Protection Regulation (GDPR) requires that the protection of sensitive personal data is optimized. 2FA is a big step in this direction.
Also 2FA is not 100% safe from cyber criminals. For example, you can still be misled by a fake website on which you log in 2FA. The cyber criminal has thus obtained both factors and can use them to log in himself once. SMS messages with which the 2nd factor is sent can also be intercepted by means of SIM cloning (a duplicate of your phone is made, on which copies of all your text messages are added). For the latter reason, 2FA via text messages is best avoided.
Despite these limitations, 2FA remains the simplest and most efficient protection against compromised password misuse, and 2FA is therefore regarded as a minimal authentication protection.
You can activate 2FA on your VUB account via Service-Now.
Not all VUB applications support this 2FA security yet. Canvas, Office 365, TEO are already protected by 2FA. Cali, Pure, RACS are examples of applications that currently do not support this 2FA security (but we are working on it!).
Applications such as WhatsApp, Facebook, Linkedln, and many others support MFA. Search in the settings or Google “MFA + name of the application” to find out how to activate it.
Why not take a look at this list of the most common platforms that allow two-factor authentication?
What is two-factor authentication? (Safeonweb.be) – 0:49
How do you enable two-factor authentication (2FA)? (Safeonweb.be) 0:44
A link not working? Send an email to helpdesk@vub.be.