Two-factor authentication is a privilege

Kathryn Williams, Editor in Chief

Have you or a loved one fallen victim to a phishing scam sent by a compromised Saint Anselm email address? Sorry, you likely are not entitled to financial compensation, but learning about the school’s new cybersecurity program can help! Okta is a new cybersecurity software implemented this year that focuses on secure authentication. The platform requires two-factor authentication on important websites, such as Canvas. You can verify your credentials by a voice message, text code, or the Okta app. The most commonly used and most complained about method for authentication is getting a six digit code texted to your phone that you then type in on your computer or other device. This two factor authentication has been widely lamented by students and professors alike. Many students find it annoying that they have to always have their phone near them to log in to important sites like Canvas. What if your phone is dead or missing and you can’t login to Canvas so you miss a deadline?

Some professors too have made comments about the inconvenience of needing to get their phone out during class. Others joke about the hypocrisy of breaking their own no-phone policy to access Canvas during class. If it is so wildly inconvenient, why did the school implement two-factor authentication? The
short answer, they are required by insurance. The long answer, the IT department values cybersecurity and is constantly evaluating ways to improve their protection. Steve McDevitt, Chief Informa-
tion Officer, described two-factor authentication as a “necessary evil… because the world is a scary place and students are particularly interesting targets for phishing attacks.” Phishing attacks have become
increasingly more prevalent in our inboxes, so taking steps to protect login information is one way to hopefully prevent someone from falling victim to this kind of scam.

Just last week there was a phishing attack that sent nearly 3,000 emails in a 15-minute period from
a compromised Saint Anselm student email address. Mcdevitt explained how the school was able to lock the account within the hour and delete the phishing emails from other accounts, but not all phishing attacks are handled so easily. Students who fall victim to phishing emails can give away valuable information, such as bank account and social security numbers, or even lose money to the scammer.
Canvas is considered a high-risk system because of the information it contains, including students’ grades. McDevitt also shared that the school will soon require two-factor authentication on all

College email accounts because they are high risk. Exactly when this change will occur is unclear, but I’m willing to bet that it will be met with annoyed users who feel that it is inconvenient. Is the slight inconvenience of two-factor authentication worth it for cyber protection? Absolutely. It is a privilege to have access to education itself, let alone all of the technological resources we are provided with. I would much rather have to look at my phone for 15 seconds than lose my personal information to a phishing scam. Plus, let’s be honest, we are all on our phones pretty regularly so aside from extenuating circumstances it’s not that big of a hassle. Two-factor authentication is here to stay, so it’s about time that we learn more about how it works. McDevitt shared that there is an Okta app you can download for
easy authentication via a phone or compatible smart watch.

On your computer, if you go to apps.anselm.edu you can authenticate once and then click on any of the programs on the dashboard (such as Canvas and Qualtrics), then you don’t have to authenticate each time.

It’s worth taking the time to evaluate the vast amount of resources available to us as students, recognizing the privilege it is. We should all want to protect ourselves and our community from cyber attacks.