Data breaches, email scams and other threats to personal and institutional data are on the rise, and the University of Michigan is taking steps to increase the protection of this data by expanding the use of two-factor authentication.
Beginning this summer, MTokens — the university’s current two-factor authentication solution — will be replaced with new, more flexible options from Ann Arbor-based Duo Security.
more information
- Enrollment options and instructions
-
Email questions to [email protected]
Drop-in sessions for extra help
- June 8 and 9, 9 a.m.-noon, School of Education Building, Room 2232
- June 14, 1-4 p.m., Wolverine Tower, Training Room 3
- June 15 and 16, 9 a.m.-noon, Wolverine Tower, Training Room 3
- Check the drop-in schedule as new dates are added.
The effort will start with current MToken holders — including those in the Health System and at the Flint and Dearborn campuses — and expand to others later this year.
“The most powerful single thing that we can do to help protect both individuals and University of Michigan systems and data is to expand the use of two-factor authentication,” says Don Welch, chief information security officer.
Two-factor authentication is a second layer of security, keeping an individual’s account secure even if their password is compromised. It requires two proofs of identity when logging in:
• Something you know, such as a UMICH password.
• Something you have, such as a hardware token with passcodes or a mobile app.
On July 20, those who currently log in to MToken-protected systems will stop using their MToken and begin using Duo two-factor authentication instead. The change applies to systems in Wolverine Access, FLUX, DART and some departmental systems.
To maintain access to protected systems, current MToken holders must:
• Enroll in Duo options by July 20.
• Continue to use their MTokens until July 20.
• Begin using a Duo two-factor option in place of an MToken on July 20 or follow the log-in prompts to sign-up for Duo and gain access to the protected systems.
“The variety of log-in options offered by Duo is one of the primary benefits of this new solution,” says DePriest Dockins, project director and assistant director of identity and access management in Information and Technology Services.
Duo includes an app that pushes a notification to a smartphone or mobile device for approval when logging in to protected systems. Other Duo options include a phone call (using flip-phones or desk phones), passcodes via text message, or Duo hardware tokens.
Primary and secondary methods are recommended. Individuals may select the options they prefer, although departmental policy may preclude use of some options.
Later this year, individuals will be able to use Duo to further protect their personal information, such as W-2s and Direct Deposit forms, when logging in to self-service options in Wolverine Access.
Two-factor authentication options with Duo.
Veronica Hall
•Enroll in Duo options between before July 20. This statement is unclear.
Jamie Iseler
Thanks for catching this discrepancy. It has been corrected to say current MToken holders should enroll in Duo by July 20.
Wendy B
An announcement to all Token holders would be *EXTREMELY* helpful! As usual, communication is mediocre at best.
Jessica Rohr
Individuals who have a registered MToken with U-M can expect to receive email communications from either ITS, UMHS or their reporting unit. An announcement was sent to Ann Arbor campus MToken holders on June 2 and June 3 (did not include staff or faculty in UMHS, Athletics, Law, Shared Service Center, or Office of Development.) More email reminders are forthcoming.
Beth L
Will the DUO hardware be sent to all current MToken hardware users?
Jessica Rohr
No. Individuals may work with their primary reporting unit to determine which Duo option is appropriate for their needs.