Kent State tightens student account security with multi-factor authentication

Kent State is rolling out multi-factor authentication as a new security method for preventing security breaches.

MFA is a security method through Microsoft that flags suspicious activity on Kent State accounts. It is an extra measure that puts another barrier in the way of hackers. It is currently an option for Kent State students, but the school is working to make it mandatory across all campuses.

“Microsoft looks at a number of different variables when an account login seems suspicious, including the country of the login, the device used and if the account has been flagged for suspicious activity before,” said Chief Information Security Officer Robert Eckman.

MFA comes in the form of SMS verification codes that are sent directly to the phone number associated with the account as well as in the form of a Microsoft verification app.

“Both the SMS messages and the Microsoft app are effective; however, I would recommend the app because of its accessibility,” Eckman said, “If you are in Europe you won’t receive the SMS code but you could still access the app.”

This new security measure has other benefits aside from the security of the account. Currently, the only way to reset your Kent State password is through the IT HelpDesk; once MFA is implemented it will be much easier than that.

“Once we get everybody across all campuses into MFA, anybody who is enrolled can change their password entirely through Microsoft as opposed to doing it through the HelpDesk,” Eckman said.

While MFA is not foolproof, it does make it easier to catch potential breaches and quickly fix a breach that has already occurred.

“Nothing secures 100 (percent) security, but adding MFA makes it tremendously hard for bad people to gain access to your account, and if someone does gain access it lets you know,” Eckman said.

The update will soon be mandatory for all Kent State accounts.

Contact Aidan Coyne at [email protected].