Last November, Duke professor Gary Gereffi returned from a research trip to Kazakhstan and was informed by his IT department that his computer had been hacked. Days earlier, a colleague at Harvard University sent Gereffi an email with an attachment to a scholarly paper. Unbeknownst to both professors, malware inflected the attachment, and as soon as Gereffi opened the document, hackers could peer into Gereffi’s computer and steal his data.
Protect your Duke accounts using Multi-factor Authentication (MFA), also called advanced or two-step authentication. MFA provides an additional layer of security when logging in or performing transactions online and at Duke.
When logging in using MFA, a user is required to authenticate their identity using a second factor, typically via a phone or separate passcode.
MFA is required for many Duke services, including Work@Duke, VPN, email, Sakai, and Box. If desired, you can further protect your identity by opting in to additional account requirements on the MFA registration site.
The IT Security Office strongly recommends using multi-factor authentication when using all NetID protected services. It is especially recommended for access to critical systems or systems storing sensitive data per the ITSO Security Standards.
Use the Duo app to make MFA easier, or by requesting temporary passcodes in advance of travel.