As a transfer student, the two-factor verification used here at Long Beach State is an interesting security method that has now been ingrained into my school routine.
I can’t tell you how many times I’ve been across campus and couldn’t do the two-step verification because of poor service. The amount of work it takes to manage my studies, deadlines, and social life should not come along with me logging into BeachBoard or Canvas.
I’ve heard professors complain mid-lecture about the tedious verification process as well.
Although it is annoying at times, security breaches do happen across campuses, even ours. According to Long Beach State’s website, there was a ransomware attack at a CSU campus that set in motion the implementation of Multi-Factor Authentication, or MFA, for all students to use.
A year later, after an attempted attack on CSU San Marcos, the school upgraded their cyber security with the same MFA we use. In addition to MFA, CSUSM added anti-virus software to their Mac computers, an application to prevent email threat attachments, and began requiring all students to reset their passwords every year.
In an article by Forbes, Emma Whitford explains how colleges are underfunded in their online security department, and when security is jeopardized, they are unable to pick up the pieces.
An example of this would be when Lincoln College, an institution in Illinois, voted for its closure due to a cyber attack. It took months for Lincoln College employees “to regain access to all their systems,” said Whitford. They paid the ransom through their insurance, but it wasn’t enough.
Long Beach State has not yet experienced a ransomware attack, so coming up with ways to continue being able to safely and easily access our information while staying engaged in our coursework, and not on our phones, is important.
It is important for students to learn how to keep their passwords safe and secure to avoid a data leak, and I believe that adding another security option in place for students who can not verify through their phone or a virtual phone will help. It will allow students with smaller password issues to get into their student portals with no phone calls to the help desk.
CSULB’s administration understands that some students may not have access to a physical phone, so they advise using Google Voice for MFA.
Google Voice is an internet-based phone service. You don’t need an existing Gmail account and you can receive calls without access to data.
Most questions within the FAQ section pertained to accessing accounts after losing or replacing your phone.
To avoid overworking the technology help desk with easy password issues, we need a third verification option. With the increase of in-person classes this year, I think that an easy third option could be providing security questions for verification alongside a text or phone call.
There may be issues at first with memorizing security questions, but in the end it would allow more students to be able to quickly log into their portals.
More information about MFA could be found at the online Knowledge Base under Microsoft Multi-Factor Authentication.