Security Awareness: MFA

Stetson currently utilizes Multifactor Authentication (MFA) to help protect a number of our internal and external systems. Utilizing a second form of authentication prevents unauthorized individuals from logging into our systems if your username and password are stolen or compromised. Unfortunately, in the world of cybersecurity no technology is perfect.

Recently you may have heard in the news of an attack targeted at the rideshare company Uber. It was reported within this incident malicious individual(s) performed an MFA fatigue attack. The attacker sends frequent MFA push requests to a user. It could involve frequent MFA requests in middle of the night or less frequent requests over a few days. An unknowing target receives on their phone a request to approve a login they have not performed. By clicking approve the attacker now has access into the account. The user now has both factors of authentication. Push notifications are enabled through our Microsoft Authenticator app. We ask that you are continually cautious about approving requests. If you are not actively logging onto a system and have received an approval request don’t approve it!

Regards,
Information Technology Department
STETSON UNIVERSITY College of Law
1401 61st Street South | Gulfport, FL 33707
Email: [email protected] | Office: +1 (727) 562 7323

Subscribe to Student Announcements: