Multi Factor Authentication (MFA) adds an extra security layer. It ensures that you are the only person who can access your account if your password is compromised. Your information is safer because thieves would need both your password AND your phone or other verification method to access your account or login. With MFA, you log in with your username and password and then confirm your identity using another method, most often an app on your phone. You may already be using MFA with online banking or when accessing other sites with sensitive information.

Strong passwords, even those with significant number of characters and complexity, don’t provide sufficient protection. Educational institutions have become major targets for attackers, and Drake has to upgrade our protections around individual and campus data.

Because of this, in early January we will be requiring the use of the Microsoft Authenticator MFA application to access campus systems. When you login to a system set up with Microsoft Authenticator, you will be prompted to verify that the login is being made by you. In practice, you will enter your email address/username and password normally and then be prompted, typically by a mobile app push, to verify your identity.

We will provide instructions on using Microsoft Authenticator, a detailed change timeline, a list of systems that will require MFA, and answers to additional questions you might have between now and January. Watch OnCampus and our other communication channels for more information throughout the rest of the semester.

— Jeff Regan, ITS