Thank you for taking the time to find out more about and enroll in two-factor authentication (2FA). By enrolling, you are making an important step toward further securing your online identity and personal information. You are also helping to protect Penn State’s research, intellectual property, and institutional data.
What is 2FA?
2FA is an added security measure similar to how you protect your bank account with a pin number (something you know) and debit card (something you have) when you withdraw money from an ATM. The University’s 2FA provider is a company named Duo Security (Duo for short).
After you enroll in 2FA, when you log in to WebAccess—Penn State’s online authentication system that protects WebMail, ANGEL, Canvas, the Employee Self-Service Information Center (ESSIC), and more—you will enter your Penn State user ID (i.e., xyz5000) and password (something you know) as usual, and then use your smartphone or another device (something you have) to verify your identity.
Who is required to use 2FA?
Beginning spring semester 2016, all Penn State faculty and staff members at every campus location will be required to enroll in and use 2FA to log in to WebAccess.
Should I enroll more than one device in 2FA?
Please keep in mind it is important to enroll more than one device (such as a smartphone and desk phone) in 2FA to avoid difficulties authenticating if you lose or don’t have your only enrolled device with you.
Who is not required to use 2FA?
The following groups do not need to enroll in 2FA (some individuals in these groups who work for the University or have access to secure systems may be required to enroll):
- Penn State students
- Penn State retirees
- Research partners from other institutions who access Penn State systems using Friends of Penn State (FPS) accounts or their own university credentials
- Anyone using an FPS account