Multi-Factor Authentication (MFA) at RIT
What is MFA?
Multi-Factor Authentication (MFA) is an authentication method that helps ensure that only you are able to access your accounts. Rather than just using a username and password, you provide a second factor to prove it really is you. For RIT accounts, that second factor is provided by Duo. The second factor may be a text message, a push notification on your phone, or a phone call.
MFA Fatigue and Harassment
As MFA adoption grows, so does the risk of MFA fatigue, potentially leading to security vulnerabilities. MFA fatigue refers to the weariness or frustration experienced by users when repeatedly encountering Multi-Factor Authentication (MFA) prompts during their interactions with digital systems or applications. MFA is a security mechanism that requires users to provide multiple forms of authentication (e.g., something they know, something they have, or something they are) to verify their identity before gaining access to an account or system.
While MFA significantly enhances security by adding an extra layer of protection against unauthorized access, it can also lead to user inconvenience and reduced productivity. Users may feel overwhelmed or annoyed when they have to repeatedly enter verification codes, use fingerprint recognition, or respond to push notifications for each login attempt, especially if they access various systems throughout their day.
Identifying an MFA Threat
Watch for Frequent Authentication Requests: If you receive an unusually high number of Duo requests within a short period, be cautious of potential threats.
Monitor Geographical Anomalies: Keep an eye on login attempts from unexpected or distant locations, which may indicate unauthorized access.
Beware of Unrecognized Devices: Exercise caution when receiving Duo prompts from unknown devices not associated with your regular access patterns.
Recognize Repeated Failures: Report repeated Duo failures to our IT team, as it may indicate brute force attacks or account takeover attempts.
Stay Alert for Unexpected Authentication Methods: If you encounter Duo prompts that differ from your usual authentication methods, be vigilant for possible security breaches.
Additional Resources
Please contact the RIT Service Center at 585-475-5000 or visit help.rit.edu for any problems or questions about MFA and Duo.
For more information