Week 1: Enable multi-factor authentication (MFA)

Always enable multi-factor authentication 

No matter what you call it, multi-factor authentication, or MFA, is a security measure that requires anyone logging into an account to navigate a two-step process to prove their identity. With just a single, additional step, multi-factor authentication greatly increases the security of every account you log into. 


Having a combination of authentication factors is a better way to keep your data protected.

In computer security, an authentication factor is anything you use to prove your identity before using a system. Passwords are the most common type of authentication. With multi-factor authentication (MFA), you use two or more different authentication factors to log in.

One example is a password and a verification code sent to your smartphone. This is an extra layer of security, so even if one of your factors is stolen, the hacker doesn’t have access to the other authentication factor. This stops them from accessing your account.

How it works

When logging into your account, you first provide your password or passphrase. Next, you will provide an extra way of proving that you’re you. This is typically done through:

  • An extra PIN (personal identification number)
  • An extra security question like, “What’s your favorite pet’s name?”
  • An additional code, either emailed or texted
  • A biometric identifier like facial recognition or a fingerprint
  • A unique number generated by an “Authenticator App”
  • A secure token, which is a separate piece of hardware (like a key fob that holds information) that verifies a person’s identity before access to a database or system is granted.

Types of authentications

  • Something you know — Passwords and security questions
  • Something you have — A verification code on your phone or a key card
  • Something you are — Biometrics, like your fingerprint

MFA Fatigue

Due to the increasing use of multi-factor authentication (MFA) in our daily activities, it is normal to assume and accidentally click “Approve.” Stay alert and verify Duo push requests by ensuring the requests originate from your general geographic area and that you are actively trying to login to a specific site that would prompt for Duo. Visit MFA Fatigue to learn more about what you can do to protect yourself, your peers, and our university. #BeCyberSmart


Villanova has enrolled all students, faculty, and staff in DUO, the preferred MFA tool for our community. This multifactor authentication requirement - a standard best practice across higher education and industry - further enhances Villanova’s data security protocols and provides additional protection for sensitive University data, including individual students' information as well as employee and institutional records.  

For more information, visit the DUO: Getting Started and FAQs knowledge-based articles. 


Additional Articles:

Intro: Cybersecurity Awareness Month

Week 2: Use a strong password and password manager

Week 3: Recognize and report the phish

Week 4: Back up your data and update your software



For more information visit villanova.edu/ITSecurity

Questions or concerns? Contact the UNIT Help Desk at support@villanova.edu or 610-519-7777


Print Article


Article ID: 145020
Wed 3/29/23 9:03 AM
Thu 8/31/23 8:39 AM