Stetson currently utilizes Multifactor Authentication (MFA) to help protect a number of our internal and external systems. Utilizing a second form of authentication prevents unauthorized individuals from logging into our systems if your username and password are stolen or compromised. Unfortunately, in the world of cybersecurity no technology is perfect.<\/p>\n\n\n\n
Recently you may have heard in the news of an attack targeted at the rideshare company Uber. It was reported within this incident malicious individual(s) performed an MFA fatigue attack. The attacker sends frequent MFA push requests to a user. It could involve frequent MFA requests in middle of the night or less frequent requests over a few days. An unknowing target receives on their phone a request to approve a login they have not performed<\/em>. By clicking approve the attacker now has access into the account. The user now has both factors of authentication. Push notifications are enabled through our Microsoft Authenticator app. We ask that you are continually cautious about approving requests. If you are not actively logging onto a system and have received an approval request don\u2019t approve it!<\/p>\n\n\n\n