Multi-factor authentication (MFA) is an information security best practice that adds an extra measure of protection beyond user name and password. To address this important practice and further safeguard the university’s valuable electronic resources (personal information, account deposits, research data, etc.), JMU Information Technology is implementing a particular form of MFA known as two-factor authentication (2FA). Two-factor authentication uses something a user physically possesses (e.g. a cell phone, tablet, or hardware token) to submit an additional verification of identity at login. This second step helps foil criminals who may try using a guessed, stolen or inadvertently shared password to access a JMU account. A cloud-based service called Duo is being used to enable JMU’s 2FA.

Implementation has begun with a user enrollment process and enablement of Duo for a priority set of systems beginning with MyMadison and the SSL VPN. As the enrollment cycle completes, the existing one-time password (OTP) feature of MyMadison will be replaced with Duo and retired. Over time additional services will be enabled with Duo until virtually all JMU systems are shielded by two-factor authentication.

More information is available on the Duo service page.

Back to Top