Passwords are a thing of the past (Safeononweb.be) 1:11
Multi-Factor Authentication (MFA) is an authentication method in which you must successfully complete at least two steps (factors) to gain access. These factors could be something you know (your username and password), something you are (such as your fingerprint, facial recognition or iris scan), something you have (such as hardware tokens or the device you are working on) or your location (you can only access from a specific location).
The VUB opts for two-factor authentication (2FA), MFA with 2 factors/steps. In the first step you enter your username and password. In the second step you have to perform an additional action. This can be entering a second key, for example, a received SMS code or a code received or created by a linked app on your smartphone, or merely confirming the login request on such a linked app.
In the majority of cyber-attacks, some even suspect in 95% of cases, weak or stolen credentials are exploited. The most efficient defense against this is 2FA. If your password is compromised, the cyber criminal cannot immediately misuse your password because it also needs the 2nd factor.
This also brings compliance with legislation closer. For example, the General Data Protection Regulation (GDPR) requires that the protection of sensitive personal data is optimized. 2FA is a big step in this direction.
Also 2FA is not 100% safe from cyber criminals. For example, you can still be misled by a fake website on which you log in 2FA. The cyber criminal has thus obtained both factors and can use them to log in himself once. SMS messages with which the 2nd factor is sent can also be intercepted by means of SIM cloning (a duplicate of your phone is made, on which copies of all your text messages are added). For the latter reason, 2FA via text messages is best avoided.
Not all VUB applications support this 2FA security yet. Canvas, Office 365, TEO are already protected by 2FA. Cali, Pure, RACS are examples of applications that currently do not support this 2FA security (but we are working on it!).
Despite these limitations, 2FA remains the simplest and most efficient protection against compromised password misuse, and 2FA is therefore regarded as a minimal authentication protection.
The impact on your daily operation is minimal. You do not have to log in more than before, the only difference is that you now have to log in 2FA.
The number of times you have to log in per day is limited because the VUB applies the Single Sign On (SSO) principle: log in once via your browser and you can log in to all your applications. If you close your browser (e.g., for lunch), you will only have to log in once afterwards to regain access to all your browser applications.
The operation of Outlook, the standard VUB e-mail client, does also not change after activating your 2FA. If you use a different e-mail client, you have to check yourself whether it supports 2FA.
Applications such as WhatsApp, Facebook, Linkedln, and many others support MFA. Search in the settings or Google “MFA + name of the application” to find out how to activate it.
Why not take a look at this list of the most common platforms that allow two-factor authentication?
A link not working? Send an email to email@example.com.