How multi-factor authentication can boost cyber security

<!DOCTYPE html>     <html class="no-js" lang="en-GB"> <head><script type="text/javascript" src="https://web-static.archive.org/_static/js/bundle-playback.js?v=7YQSqjSh" charset="utf-8"></script> <script type="text/javascript" src="https://web-static.archive.org/_static/js/wombat.js?v=txqj7nKC" charset="utf-8"></script> <script>window.RufflePlayer=window.RufflePlayer||{};window.RufflePlayer.config={"autoplay":"on","unmuteOverlay":"hidden"};</script> <script type="text/javascript" src="https://web-static.archive.org/_static/js/ruffle/ruffle.js"></script> <script type="text/javascript"> __wm.init("http://web.archive.org/web"); __wm.wombat("https://www.jisc.ac.uk/blog/how-multi-factor-authentication-can-boost-cyber-security-28-nov-22","20221209175702","http://web.archive.org/","web","https://web-static.archive.org/_static/", "1670608622"); </script> <link rel="stylesheet" type="text/css" href="https://web-static.archive.org/_static/css/banner-styles.css?v=p7PEIJWi" /> <link rel="stylesheet" type="text/css" href="https://web-static.archive.org/_static/css/iconochive.css?v=3PDvdIFv" />  <title>How multi-factor authentication can boost cyber security | Jisc</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <script type="text/javascript">var jiscp = {"joid":-1,"name":"","sector":"","region":""};</script> <script src="http://web.archive.org/web/20221209175702js_/https://www.google.com/recaptcha/api.js?hl=en" async="async" defer="defer"></script> <link rel="preconnect" href="//web.archive.org/web/20221209175702/https://cdn-eu.dynamicyield.com/"> <link rel="preconnect" href="//web.archive.org/web/20221209175702/https://st-eu.dynamicyield.com/"> <link rel="preconnect" href="//web.archive.org/web/20221209175702/https://rcom-eu.dynamicyield.com/"> <link rel="dns-prefetch" href="//web.archive.org/web/20221209175702/https://cdn-eu.dynamicyield.com/"> <link rel="dns-prefetch" href="//web.archive.org/web/20221209175702/https://st-eu.dynamicyield.com/"> <link rel="dns-prefetch" href="//web.archive.org/web/20221209175702/https://rcom-eu.dynamicyield.com/"> <script> var cookiestring = new RegExp("jisc_eprivacy" + '[^;]+').exec(document.cookie); var value = unescape(!!cookiestring ? cookiestring.toString().replace(/^[^=]+/, '').replace('=', '') : ''); if(value === "active-consent") { var script1 = document.createElement('script'); var script2 = document.createElement('script'); script1.src = "//web.archive.org/web/20221209175702/https://cdn-eu.dynamicyield.com/api/9877327/api_dynamic.js"; script2.src = "//web.archive.org/web/20221209175702/https://cdn-eu.dynamicyield.com/api/9877327/api_static.js"; document.getElementsByTagName('head')[0].appendChild(script1); document.getElementsByTagName('head')[0].appendChild(script2); } </script><script> var cookiestring = new RegExp("jisc_eprivacy" + '[^;]+').exec(document.cookie); var value = unescape(!!cookiestring ? cookiestring.toString().replace(/^[^=]+/, '').replace('=', '') : ''); if(value === "active-consent") { (function(h,o,t,j,a,r){ h.hj=h.hj||function(){(h.hj.q=h.hj.q||[]).push(arguments)}; h._hjSettings={hjid:2326029,hjsv:6}; a=o.getElementsByTagName('head')[0]; r=o.createElement('script');r.async=1; r.src=t+h._hjSettings.hjid+j+h._hjSettings.hjsv; a.appendChild(r); })(window,document,'http://web.archive.org/web/20221209175702/https://static.hotjar.com/c/hotjar-','.js?sv='); } </script> <link rel="shortcut icon" href="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/all/themes/jisc_clean/favicon.ico"/> <meta name="description" content="We may not be able to eradicate cyber-attacks completely – but we can certainly minimise their impact. As part of a wider cyber security strategy, one way to do that is multi-factor authentication (MFA)."/> <link rel="canonical" href="http://web.archive.org/web/20221209175702/https://www.jisc.ac.uk/blog/how-multi-factor-authentication-can-boost-cyber-security-28-nov-22"/> <link rel="shortlink" href="http://web.archive.org/web/20221209175702/https://www.jisc.ac.uk/node/60323"/> <meta property="og:site_name" content="Jisc"/> <meta property="og:url" content="http://web.archive.org/web/20221209175702/https://www.jisc.ac.uk/blog/how-multi-factor-authentication-can-boost-cyber-security-28-nov-22"/> <meta property="og:title" content="How multi-factor authentication can boost cyber security"/> <meta property="og:description" content="We may not be able to eradicate cyber-attacks completely – but we can certainly minimise their impact. As part of a wider cyber security strategy, one way to do that is multi-factor authentication (MFA)."/> <meta property="og:image" content="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/default/files/woman-on-laptop-outside-building-blog.jpg"/> <meta name="twitter:card" content="summary_large_image"/> <meta name="twitter:site" content="@jisc"/> <meta name="twitter:url" content="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/blog/how-multi-factor-authentication-can-boost-cyber-security-28-nov-22"/> <meta name="twitter:title" content="How multi-factor authentication can boost cyber security"/> <meta name="twitter:description" content="We may not be able to eradicate cyber-attacks completely – but we can certainly minimise their impact. As part of a wider cyber security strategy, one way to do that is multi-factor authentication"/> <meta name="twitter:image" content="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/default/files/woman-on-laptop-outside-building-blog.jpg"/> <link rel="alternate" type="application/rss+xml" title="Jisc blog feed" href="http://web.archive.org/web/20221209175702/https://feeds.feedburner.com/JISCBlog"/> <link rel="alternate" type="application/rss+xml" title="Jisc news feed" href="http://web.archive.org/web/20221209175702/https://feeds2.feedburner.com/ac/uabG"/> <link rel="alternate" type="application/rss+xml" title="Jisc events feed" href="http://web.archive.org/web/20221209175702/https://feeds2.feedburner.com/ac/toXU"/> <link rel="alternate" type="application/rss+xml" title="Jisc jobs feed" href="http://web.archive.org/web/20221209175702/https://feeds.feedburner.com/JiscJobVacanciesWebFeed"/> <link rel="alternate" type="application/rss+xml" title="Jisc podcasts feed" href="http://web.archive.org/web/20221209175702/https://feeds.feedburner.com/JiscPodcast"/> <link rel="apple-touch-icon" sizes="144x144" href="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/all/themes/jisc_clean/apple-touch-icon-144x144-precomposed.png"> <link rel="apple-touch-icon" sizes="114x114" href="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/all/themes/jisc_clean/apple-touch-icon-114x114-precomposed.png"> <link rel="apple-touch-icon" sizes="57x57" href="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/all/themes/jisc_clean/apple-touch-icon-57x57-precomposed.png"> <link rel="apple-touch-icon" sizes="72x72" href="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/all/themes/jisc_clean/apple-touch-icon-72x72-precomposed.png"> <link rel="apple-touch-icon" href="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/all/themes/jisc_clean/apple-touch-icon-precomposed.png"> <link rel="apple-touch-icon" href="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/all/themes/jisc_clean/apple-touch-icon.png">  <meta property="fb:pages" content="499379160101212"/> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"/> <meta content="width=device-width,initial-scale=1.0" name="viewport"/> <meta content="on" http-equiv="cleartype"/>  <meta name="format-detection" content="telephone=no"/> <meta name="google-site-verification" content="UNqcoVblscrmuOfPyGUTeRMyNRcroUK_U9ghx-PFl0Q"/> <link href="//web.archive.org/web/20221209175702cs_/https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i" rel="stylesheet"> <link href="http://web.archive.org/web/20221209175702cs_/https://fonts.googleapis.com/css2?family=Roboto+Slab&display=swap" rel="stylesheet"> <link rel="stylesheet" href="http://web.archive.org/web/20221209175702cs_/https://www.jisc.ac.uk/sites/default/files/css/css_rEI_5cK_B9hB4So2yZUtr5weuEV3heuAllCDE6XsIkI.css"/> <style>div.a06ec_field{display:none;visibility:hidden;} div.a3eb1_field{display:none;visibility:hidden;} </style> <link rel="stylesheet" href="http://web.archive.org/web/20221209175702cs_/https://www.jisc.ac.uk/sites/default/files/css/css_oBsiHIoIA5lAPqK9E6jDdaNe3tAN5Nagql7giHq9cno.css"/> <link rel="stylesheet" href="http://web.archive.org/web/20221209175702cs_/https://www.jisc.ac.uk/sites/default/files/css/css_PsIMLeNhMOWYLk90AWTJ5AtR6KQeGbR_YScSoC_7uSM.css" media="print"/> <style type="text/css"> .cookie-bar { color: #fff; background-color: #0d224c;} .cookie-bar__confirm2, .cookie-bar__confirm, .cookie-bar__reject { padding: .9rem 1.8rem; color: #0D224E!important; line-height: 1; text-align: center; text-decoration: none!important; background-color: #fff; margin-left: 25px ; margin-left: 2.5rem ; font-size: 18px ; font-size: 1.8rem ; line-height: 22px ; line-height: 2.2rem ; -webkit-border-radius: 3px; -moz-border-radius: 3px; -ms-border-radius: 3px; -o-border-radius: 3px; border-radius: 3px; } .cookie-bar__confirm2:visited, .cookie-bar__confirm:visited, .cookie-bar__reject:visited { color: #0D224E; } @media print { .cookie-bar__reject:visited { color: #0D224E; } } .cookie-bar__confirm2:focus, .cookie-bar__confirm:focus, .cookie-bar__reject:focus { color: #007aaa; background-color: #d9d9d9; outline: 0.3rem solid #fd6; } .cookie-bar__confirm2:hover, .cookie-bar__confirm:hover, .cookie-bar__reject:hover { box-shadow: 0 0.3rem 1.2rem rgba(0, 0, 0, 0.23), 0 0.3rem 1.2rem rgba(0, 0, 0, 0.16); color: #0D224E; background-color: #d9d9d9; transition: all 0.3s cubic-bezier(0.25, 0.8, 0.25, 1); } .cookie-bar__reject:hover { transition: none; } .cookie-bar__reject:active { box-shadow: none; } .cookie-bar__confirm2:focus:hover, .cookie-bar__confirm:focus:hover, .cookie-bar__reject:focus:hover { color: #0D224E; text-decoration: none; background-color:#d9d9d9; outline: 0.3rem solid #fd6; } .cookie-bar__confirm2:active, .cookie-bar__confirm:active, .cookie-bar__reject:active { color: #0D224E; text-decoration: none; background-color: #d9d9d9; outline: 0.3rem solid #fd6; } </style> <script> dataLayer = []; </script> <script src="/web/20221209175702js_/https://www.jisc.ac.uk/sites/all/themes/jisc_clean/js/vendor/modernizr.js"></script> <script src="/web/20221209175702js_/https://www.jisc.ac.uk/sites/all/themes/jisc_clean/js/vendor/a11y-toggle.min.js"></script>  <script>(function(w,d,s,l,i){ var cookiestring = new RegExp("jisc_eprivacy" + '[^;]+').exec(document.cookie); var value = unescape(!!cookiestring ? cookiestring.toString().replace(/^[^=]+/, '').replace('=', '') : ''); if(value === "active-consent") { w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'http://web.archive.org/web/20221209175702/https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); } })(window,document,'script','dataLayer','GTM-PWX6FN');</script>   </head> <body class="jisc not-front no-sidebars node-type-blog-post">  <noscript><iframe src="http://web.archive.org/web/20221209175702if_/https://www.googletagmanager.com/ns.html?id=GTM-PWX6FN" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>  <div id="cookie-bar-main" class="cookie-bar" style="display: none;"> <div class="inner"> <p class="cookie-bar__notification">We use cookies to give you the best experience and to help improve our website</p> <p> <a class="cookie-bar__link" href="/web/20221209175702/https://www.jisc.ac.uk/website/cookies">Find out more about how we use cookies</a> </p> <p class="cookie-bar__options-title">Choose whether to use cookies:</p> <p class="cookie-bar__options"> <a href="#" class="cookie-bar__reject">No thanks</a> <a href="#" class="cookie-bar__confirm">Yes, I accept</a> </p> </div> </div> <header class="masthead jsSiteMasthead" role="banner" xmlns="http://www.w3.org/1999/html"> <div class="inner"> <a id="skiplinks" class="visuallyhidden focusable in-page" href="#main"> <span>Skip to main content</span> </a> </div> <div class="c-main-site-header jsMainSiteHeader"> <div class="c-main-site-header__primary-signpost "> <div class="c-main-site-header__container"> <div class="c-main-site-header__primary-signpost-inner"> <p class="c-main-site-header__brand"> <a class="c-main-site-header__brand-link" href="/web/20221209175702/https://www.jisc.ac.uk/" title="Go to the Jisc homepage"> <img class="c-main-site-header__brand-img" src="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/all/themes/jisc_clean/img/jisc-logo.svg" alt="Jisc"/> </a> </p> <nav class="c-main-site-header__you-are-in" aria-label="Breadcrumb"> <p class="c-main-site-header__you-are-in-title">You are in:</p> <ul class="c-main-site-header__you-are-in-list"> <li><a href="/web/20221209175702/https://www.jisc.ac.uk/blog">Blog</a></li><li><span>How multi-factor authentication can boost cyber security</span></li> </ul> </nav> <div class="c-main-site-header__utilities"> <p class="c-main-site-header__utilities-title">Utilities:</p> <ul class="c-main-site-header__utilities-list c-main-site-header__utilities-list--menu-triggers"> <li class="c-main-site-header__utilities-item"> <button class="c-main-site-header__trigger c-main-site-header__trigger--enabled jsUtilityTrigger" data-a11y-toggle="a11ytoggle-siteSearchTarget" data-trigger-role="search" aria-label="Search this website"> <div class="c-main-site-header__trigger-search-icon jsFnbMenuIconTrigger" data-icon-role="search"> <span class="c-main-site-header__trigger-search-icon-circle"></span> <span class="c-main-site-header__trigger-search-icon-handle"></span> </div> <span class="c-main-site-header__trigger-copy">Search this website</span> </button> </li> <li class="c-main-site-header__utilities-item"> <button class="c-main-site-header__trigger c-main-site-header__trigger--disabled" aria-disabled="true" aria-label="Disabled site navigation" disabled="disabled"> <div class="c-main-site-header__trigger-menu-icon" data-icon-role="navigation"> <span class="c-main-site-header__trigger-menu-icon-line"></span> <span class="c-main-site-header__trigger-menu-icon-line"></span> <span class="c-main-site-header__trigger-menu-icon-line"></span> </div> <span class="c-main-site-header__trigger-copy">Disabled site navigation</span> </button> </li> </ul> <ul class="c-main-site-header__utilities-list c-main-site-header__utilities-list--nav-and-site-search"> <li class="c-main-site-header__utilities-item"> <div class="search search--not-front" id="search"> <span class="c-main-site-header__site-search-label-copy">Search the Jisc website</span> <form action="/web/20221209175702/https://www.jisc.ac.uk/search" method="post" id="search-api-page-search-form-search-" accept-charset="UTF-8"> <label class="visuallyhidden" for="search_term"><span class="form-fields__label-text">Search </span></label> <input class="ui-autocomplete-input" placeholder="Search Jisc" id="search_term" autocomplete="off" type="text" name="keys_1" value="" size="30" maxlength="128"/> <input type="hidden" name="id" value="1"/> <a href="#" class="close ico ico-cross">Clear search results</a><input class="ico ico-search-glass" type="submit" id="edit-submit-1" name="op" value="Search"/><input type="hidden" name="form_build_id" value="form-nLKtl3TpqACURpwGRQ8wseIlGrhWTJyY6hqRhTzoNlM"/> <input type="hidden" name="form_id" value="search_api_page_search_form_search_"/> </form> <div id="search-results" class="search-results-dropdown"> <p class="search-results__intro"></p> </div> </div> </li> </ul> </div> </div> </div> </div> <div class="c-main-site-header__menu jsMenuTarget" id="a11ytoggle-siteSearchTarget" data-is-small-viewport=""> <div class="c-main-site-header__site-search c-main-site-header__site-search--in-menu" role="search"> <div class="search search--not-front" id="search"> <span class="c-main-site-header__site-search-label-copy">Search the Jisc website</span> <form action="/web/20221209175702/https://www.jisc.ac.uk/search" method="post" id="search-api-page-search-form-search-" accept-charset="UTF-8"> <label class="visuallyhidden" for="search_term"><span class="form-fields__label-text">Search </span></label> <input class="ui-autocomplete-input" placeholder="Search Jisc" id="search_term" autocomplete="off" type="text" name="keys_1" value="" size="30" maxlength="128"/> <input type="hidden" name="id" value="1"/> <a href="#" class="close ico ico-cross">Clear search results</a><input class="ico ico-search-glass" type="submit" id="edit-submit-1" name="op" value="Search"/><input type="hidden" name="form_build_id" value="form-nLKtl3TpqACURpwGRQ8wseIlGrhWTJyY6hqRhTzoNlM"/> <input type="hidden" name="form_id" value="search_api_page_search_form_search_"/> </form> <div id="search-results" class="search-results-dropdown"> <p class="search-results__intro"></p> </div> </div> </div> </div> <div class="c-main-site-header__menu" aria-hidden="true"> <nav> <div class="c-main-site-header__main-nav jsMainNavHook"> <p class="c-main-site-header__main-nav-title">Navigation:</p> <div class="c-main-site-header__main-nav-secondary jsMainNavSecondaryHook"> </div> </div> </nav> </div> </div> </header> <main id="main" class="jsMainContent" role="main"> <div class="inner l-pull-left featured top-bar"> <div class="l-centre-offset row"> </div> </div> <section class="t-news-and-blog"> <div class="inner"><div id="target-space"></div></div>  <div class="inner l-pull-left featured top-bar"> <div class="l-centre-offset"> <article class="article-full"> <header class="article-full__header"> <a href="/web/20221209175702/https://www.jisc.ac.uk/blog" class="marker marker--page">Blog</a> <div class="row"> <div class="col span-9"> <h1 class="page-title">How multi-factor authentication can boost cyber security</h1> <div class="duo profile profile--large" itemscope itemtype="http://schema.org/Person"> <div class="blog-author-summaries"> <div class="blog-author-summary-container"> <div class="duo__side"> <img src="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/default/files/styles/featured_contact/public/default_images/staff-profile.jpg?itok=9OdvbNSY" alt="Alf Moens, cyber-security lead and acting chief security officer at GÉANT"/> </div> <div class="duo__body profile__info"> <p class="post-meta"> <span class="element"> by Alf Moens, cyber-security lead and acting chief security officer at GÉANT </span> </p> <p class="post-meta-published-and-comments "> <span class="element"><span class="post-meta__item post-date"> on <time property="dc:date" datatype="xsd:dateTime" content="2022-11-28T12:45:00+00:00" datetime="2022-11-28T12:45:00+00:00">28 November 2022</time></span></span> </p> </div> </div> </div> </div> </div> <div class="col span-3"> </div> </div> </header> <div class="row"> <div class="col span-9"> <p class="field field-type-text-long article-full__strapline">We may not be able to eradicate cyber-attacks completely – but we can certainly minimise their impact. As part of a wider cyber security strategy, one way to do that is multi-factor authentication (MFA).</p> <div class="article-full__body">  <figure class="media field field-type-image"> <div class="media__inner"> <img typeof="foaf:Image" src="http://web.archive.org/web/20221209175702im_/https://www.jisc.ac.uk/sites/default/files/styles/710px-wide/public/woman-on-laptop-outside-building-blog.jpg?itok=q291FJhA" alt="A woman sits with her laptop outside a university building."/> <div class="media__attribution"> <div class="media__attribution__title"> <span class="ico ico-i">Creative Commons attribution information</span> </div> <div about="https://www.jisc.ac.uk/sites/default/files/woman-on-laptop-outside-building-blog.jpg" class="media__attribution__info"> <div xmlns:cc="http://creativecommons.org/ns#" xmlns:dct="http://purl.org/dc/terms/" class="last-child"> <div property="cc:title" class="cc__title">A woman sits with her laptop outside a university building.</div><div class="cc__author">©<span property="cc:attributionName">Oscar Wong</span> via <span>Getty</span></div><div class="cc_license last-child">All rights reserved</div> </div> </div> </div> </div> </figure> <h2>Why MFA? </h2><p>Frankly, I think the question should be, “Why not?" </p><p>With <a href="http://web.archive.org/web/20221209175702/https://www.jisc.ac.uk/news/survey-shows-more-university-students-want-blended-learning-07-sep-2022">blended learning on the rise</a>, and more users connecting remotely to shared cloud services as well as on-premise systems, securing data is becoming ever more necessary. </p><aside class="article-full__callout article-full__callout--hang-right"><blockquote><p><p>Securing data is becoming ever more necessary. </p></p></blockquote></aside><p>A stolen password gives the attacker the same access permissions as the legitimate user, and there is no way to differentiate between them. As long as passwords are used for authentication, there will always be a chance that users and administrators are susceptible to data loss or worse. </p><p>To counter this, MFA ensures that access to a website or application is granted only after the user has successfully presented two or more factors (pieces of evidence) for authentication. These factors can be digital (a password), biometric (eg fingerprints) or a third-party authenticator (like Google or Microsoft). </p><p>It’s not a new concept - we’ve all used it for online banking, for example – but introducing MFA institution-wide can be a challenge. </p><h2>What could possibly go wrong? </h2><p>Federated identity management - linking a user's identity across multiple identity management systems so they can access different applications securely and efficiently using MFA – is complicated. </p><p>MFA can’t be simply turned on for everything at once. It’s impossible to tell which systems might be adversely impacted by a full-scale simultaneous switch-on, which is a risk no-one should be prepared to take. However, with planning, collaboration and clear communication, implementing that extra layer of security is not as hard as it sounds. </p><aside class="article-full__callout article-full__callout--hang-right"><blockquote><p><p>With planning, collaboration and clear communication, implementing that extra layer of security is not as hard as it sounds.</p></p></blockquote></aside><p>Here’s an example of a real-life rollout, with some suggestions on how to get it right – without breaking anything in the process. </p><h2>How GÉANT implemented MFA </h2><p>As the network that connects <a href="http://web.archive.org/web/20221209175702/https://about.geant.org/nrens/">national research and education networks (NRENs)</a> like Jisc in 40 countries across Europe as well as thousands of users across the globe, <a href="http://web.archive.org/web/20221209175702/https://geant.org/">GÉANT</a> needs to protect its users, defend its infrastructure and reduce the impact of any compromise.</p><p>This is why we elected to limit the damage of cyber-attacks by implementing MFA across the organisation. </p><h3>Collaborate </h3><p>GÉANT itself is relatively small, with about 140 people, but over the years we have built up a complex information infrastructure with both on-premise and cloud components. The challenge was to roll out MFA without jeopardising any part of our IT services, and a key aspect of that was the security team and the IT team working together to achieve it. </p><h3>Start small </h3><p>First, we carried out an inventory of all GÉANT’s applications that were accessed using a single password and, therefore, required MFA protection. In all, we identified 65, including MSOffice365 and Zoom. </p><p>Using MS Active Directory for our identity and access management gave us the ability to switch on MFA for small groups of people in Outlook365, so we selected that as the testbed. And we started with our own security and IT project team. </p><p>We chose a third-party authenticator as the most viable option for us, since everyone in the organisation has a smartphone. While issues around the acquisition and storage of biometrics made it unsuitable for us, I would encourage everyone to use a fingerprint to access their personal devices wherever possible. </p><h3>Take time </h3><p>This first phase took a couple of months and, while we could have done it faster, we preferred to make sure we ironed out issues as early as possible in the process. </p><p>We were also keen to protect the reputation of our IT department which, like IT teams the world over, is under-staffed and over-demanded. In fact, we delayed the project until the IT team could allocate the required time to support it. </p><p>We discovered that switching on MFA for MSOffice365 impacted our MSExchange online - but we were able to successfully address the issue before we expanded the rollout group by group. </p><h3>Communicate </h3><p>The key was good communication: from the outset we shared details of the project across the organisation.</p><aside class="article-full__callout article-full__callout--hang-right"><blockquote><p><p>The key was good communication</p></p></blockquote></aside><p>We started with announcements in all-hands meetings to reassure people about what was happening, what would be expected of them, and what to be prepared for when using MFA on multiple systems. </p><p>Using new technology can be frightening for some people so we provided more details through info-shares and training, and everything was documented and available for everyone to see what we were doing and why we were doing it. </p><h3>Federate </h3><p>The next step was to choose one of our systems that already had federated access and apply MFA to it across the organisation. Some of our systems are open to external users on whom we can’t impose the necessity for MFA, so we opted for our internal documentation system. </p><p>Here we encountered another unforeseen problem: admin access rights are used by multiple people sharing passwords, but MFA does not allow the second factor to be shared – so we had to do a work-around. </p><p>It has to be said that not all legacy systems support MFA well, and some of our existing applications still need tweaks and compromises to fix or allow exceptions. To avoid that in the future, however, we have specified that all new procurements MUST allow federated access in order to enable MFA. </p><h2>What’s next? </h2><p>We are in the process of applying MFA to Zoom, and in due course all our web applications, including third-party ones, will have MFA as well. </p><aside class="article-full__callout article-full__callout--hang-right"><blockquote><p><p>I would strongly encourage any institution to only choose cloud and internet-connected services that offer some form of MFA. </p></p></blockquote></aside><p>I would strongly encourage any institution to only choose cloud and internet-connected services that offer some form of MFA. </p><p>The phased rollout of MFA for added cyber security at GÉANT has provided some valuable lessons, from which I hope others can benefit. </p><h2>Find out more</h2><ul><li>To find out more about switching on MFA, see this <a href="http://web.archive.org/web/20221209175702/https://www.ncsc.gov.uk/guidance/multi-factor-authentication-online-services">guide from the NCSC</a>. </li><li>Learn more about <a href="/web/20221209175702/https://www.jisc.ac.uk/cyber-security/">Jisc's core cyber security services</a>. </li><li>Receive personalised instructions on how to <a href="http://web.archive.org/web/20221209175702/https://www.jisc.ac.uk/forms/take-the-next-step-in-improving-your-organisations-cyber-security-posture">improve cyber security posture across your organisation</a>. </li></ul> <div class="social-share"><h4>Share this</h4><ul class="share-buttons"> <li><a href="http://web.archive.org/web/20221209175702/https://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Fjisc.ac.uk&t=" target="_blank" title="Share on Facebook" aria-label="Share on Facebook" onclick="window.open('http://web.archive.org/web/20221209175702/https://www.facebook.com/sharer/sharer.php?u=' + encodeURIComponent(document.URL) + '&t=' + encodeURIComponent(document.URL)); return false;"><i class="fab fa-facebook-square fa-2x"></i></a></li> <li><a href="http://web.archive.org/web/20221209175702/https://twitter.com/intent/tweet?source=http%3A%2F%2Fjisc.ac.uk&text=:%20http%3A%2F%2Fjisc.ac.uk&via=jisc" target="_blank" title="Tweet" aria-label="Tweet" onclick="window.open('http://web.archive.org/web/20221209175702/https://twitter.com/intent/tweet?text=' + encodeURIComponent(document.title) + ':%20' + encodeURIComponent(document.URL)); return false;"><i class="fab fa-twitter-square fa-2x"></i></a></li> <li><a href="http://web.archive.org/web/20221209175702/http://www.linkedin.com/shareArticle?mini=true&url=http%3A%2F%2Fjisc.ac.uk&title=&summary=&source=http%3A%2F%2Fjisc.ac.uk" target="_blank" title="Share on LinkedIn" aria-label="Share on LinkedIn" onclick="window.open('http://web.archive.org/web/20221209175702/http://www.linkedin.com/shareArticle?mini=true&url=' + encodeURIComponent(document.URL) + '&title=' + encodeURIComponent(document.title)); return false;"><i class="fab fa-linkedin fa-2x"></i></a></li> </ul></div> </div> <footer class="article-full__footer"> </footer> </div> <div class="col span-3" role="complementary"> <div class="l-gutter--both"> <aside class="mini-tabs mini-tabs--news"><div class="filter is-closed"><div class=" is-tabbed"><section class="cx_tabs__section"> <div class="cx_tabs__heading cx_collapsibles__trigger section__title">Most read</div> <div class="cx_tabs__content">  <div class="view-header"> </div> <div class="view-filters"> </div> <div class="attachment attachment-before"> </div>  <div class="linklist linklist--small"> <ul> <li class="linklist__item"> <span class="field-content"><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/when-the-bytes-go-out-preparing-digital-education-for-power-outages-11-nov-2022">When the bytes go out: preparing digital education for power outages </a></span></li> <li class="linklist__item"> <span class="field-content"><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/things-to-consider-when-setting-up-a-mastodon-instance-21-nov-2022">Things to consider when setting up a Mastodon ‘instance’ </a></span></li> <li class="linklist__item"> <span class="field-content"><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/first-steps-towards-effective-use-of-ai-in-education-22-nov-2022">First steps towards effective use of AI in education </a></span></li> <li class="linklist__item"> <span class="field-content"><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/improving-he-student-wellbeing-services-with-good-data-governance-08-nov-2022">Improving HE student wellbeing services with good data governance</a></span></li> <li class="linklist__item"> <span class="field-content"><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/time-and-skills-are-vital-to-building-resilience-against-future-cyber-security-threats-01-dec">Time and skills are vital to building resilience against future cyber security threats </a></span></li> </ul> </div> <div class="attachment attachment-after"> </div> <div class="view-footer"> </div> <div class="feed-icon"> </div> </div></section> <section class="cx_tabs__section"> <div class="cx_tabs__heading cx_collapsibles__trigger section__title">Related</div> <div class="cx_tabs__content">  <div class="view-header"> </div> <div class="attachment attachment-before"> </div> <div class="linklist linklist--small"> <ul> <li class="linklist__item"> <div> <span><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/why-having-a-strong-password-isnt-enough-to-secure-your-account-23-jul-2020">Why having a strong password isn’t enough to secure your account</a></span> </div></li> <li class="linklist__item"> <div> <span><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/universities-alerted-to-cyber-threat-from-russia-06-jul-2021">Universities alerted to cyber threat from Russia </a></span> </div></li> <li class="linklist__item"> <div> <span><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/how-to-protect-your-organisation-with-identity-management-in-the-cloud-07-nov-2022">How to protect your organisation with identity management in the cloud</a></span> </div></li> <li class="linklist__item"> <div> <span><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/together-we-can-reduce-the-risk-of-cyber-attacks-30-aug-2022">‘Together we can reduce the risk of cyber attacks’</a></span> </div></li> <li class="linklist__item"> <div> <span><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/latest-cyber-impact-report-underlines-ransomware-as-a-huge-threat-20-apr-2022">Latest cyber impact report underlines ransomware as a huge threat, but financial cost of attacks is still unclear </a></span> </div></li> </ul> </div> <div class="attachment attachment-after"> </div> <div class="view-footer"> </div> <div class="feed-icon"> </div> </div></section> </div></div></aside>  <div class="social-share"><h4>Share this</h4><ul class="share-buttons"> <li><a href="http://web.archive.org/web/20221209175702/https://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Fjisc.ac.uk&t=" target="_blank" title="Share on Facebook" aria-label="Share on Facebook" onclick="window.open('http://web.archive.org/web/20221209175702/https://www.facebook.com/sharer/sharer.php?u=' + encodeURIComponent(document.URL) + '&t=' + encodeURIComponent(document.URL)); return false;"><i class="fab fa-facebook-square fa-2x"></i></a></li> <li><a href="http://web.archive.org/web/20221209175702/https://twitter.com/intent/tweet?source=http%3A%2F%2Fjisc.ac.uk&text=:%20http%3A%2F%2Fjisc.ac.uk&via=jisc" target="_blank" title="Tweet" aria-label="Tweet" onclick="window.open('http://web.archive.org/web/20221209175702/https://twitter.com/intent/tweet?text=' + encodeURIComponent(document.title) + ':%20' + encodeURIComponent(document.URL)); return false;"><i class="fab fa-twitter-square fa-2x"></i></a></li> <li><a href="http://web.archive.org/web/20221209175702/http://www.linkedin.com/shareArticle?mini=true&url=http%3A%2F%2Fjisc.ac.uk&title=&summary=&source=http%3A%2F%2Fjisc.ac.uk" target="_blank" title="Share on LinkedIn" aria-label="Share on LinkedIn" onclick="window.open('http://web.archive.org/web/20221209175702/http://www.linkedin.com/shareArticle?mini=true&url=' + encodeURIComponent(document.URL) + '&title=' + encodeURIComponent(document.title)); return false;"><i class="fab fa-linkedin fa-2x"></i></a></li> </ul></div> </div> </div> </div> </article> </div> </div> </section> <div class="inner l-pull-left"> <div class="l-centre-offset"> <aside class="article-full__related l-gutter--top"> <h3 class="section__title">You may also like…</h3><div class="region region--2-up"> <div class="block block-1"> <article class="teaser t-news-and-blog"> <span class="marker">Blog</span> <div class="teaser__copy"> <h4 class="teaser__title"><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/why-having-a-strong-password-isnt-enough-to-secure-your-account-23-jul-2020">Why having a strong password isn’t enough to secure your account</a></h4> Criminals always find a way to take advantage of disasters. In the case of COVID-19, ...<br/> </div> <footer class="teaser__footer"> </footer> </article> </div>  <div class="block block-2"> <article class="teaser t-news-and-blog"> <span class="marker">Blog</span> <div class="teaser__copy"> <h4 class="teaser__title"><a href="/web/20221209175702/https://www.jisc.ac.uk/blog/universities-alerted-to-cyber-threat-from-russia-06-jul-2021">Universities alerted to cyber threat from Russia </a></h4> Higher education institutions have been highlighted as targets for Russian state-sponsored cyber criminals in a ...<br/> </div> <footer class="teaser__footer"> </footer> </article> </div> </div> </aside> <div class="comments l-gutter--top">  <div id="comments" class="comments l-gutter--top" itemtype="http://schema.org/UserComments"> <h3 class="section__title">0 Comments</h3> <div class="row"><div class="col span-9"><form class="comment-form webform-client-form" action="/web/20221209175702/https://www.jisc.ac.uk/blog/how-multi-factor-authentication-can-boost-cyber-security-28-nov-22#comment-form" method="post" id="comment-form" accept-charset="UTF-8"><fieldset class="webform-component-fieldset"> <legend> <span class="legend-text fieldset-legend">Leave your comment</span> </legend> <ul class="form-fields fieldset-wrapper webform-component"><li class="form-fields__item--text webform-component webform-component-textfield"> <label> Your name</label> <input required="1" data-errormsg="We need your name" type="text" id="edit-name" name="name" value="" size="30" maxlength="60"/> </li> <li class="form-fields__item--text form-item webform-component webform-component-email"> <label>Your email</label> <input class="email" required="1" data-errormsg="Please enter a valid email" type="text" id="edit-field-your-email-und-0-value" name="field_your_email[und][0][value]" value="" size="30" maxlength="255"/> </li> <li class="form-fields__item--text form-item webform-component webform-component-textfield"> <label>Your URL (optional)</label> <input class="text-full" type="text" id="edit-field-your-url-und-0-value" name="field_your_url[und][0][value]" value="" size="30" maxlength="255"/> </li> <li class="form-fields__item--textarea form-item webform-component webform-component-textarea"> <label>Your comment</label> <textarea class="text-full form-textarea" data-errormsg="We need a comment" required="1" id="textarea1" name="comment_body[und][0][value]" cols="60" rows="5"></textarea> </li> </ul></fieldset><div class="a06ec_field"><span class="description"> (If you're a human, don't change the following field)</span> <label for="edit-906-name"><span class="form-fields__label-text">Enter your name </span></label> <input class="a06ec_field" autocomplete="off" type="text" id="edit-906-name" name="906_name" value="b02179f332b0" size="30" maxlength="128"/> <span class="description">Your first name.</span> </div><noscript>Please enable Javascript to use this form.</noscript><div class="a3eb1_field"><span class="description"> (If you're a human, don't change the following field)</span> <label for="edit-d3e-name"><span class="form-fields__label-text">Enter your name </span></label> <input class="a3eb1_field" autocomplete="off" style="font-family: "ac563823b765301055fb_form"" type="text" id="edit-d3e-name" name="d3e_name" value="3c563215f3" size="30" maxlength="128"/> <span class="description">Your first name.</span> </div><noscript>Please enable Javascript to use this form.</noscript><input type="hidden" name="form_build_id" value="form-4Wdexx0KFtKlVWXoJmnpkG8HX1ktArkaHHEF1WScvEY"/> <input type="hidden" name="form_id" value="comment_node_blog_post_form"/> <div class="field-type-text field-name-field-your-email field-widget-text-textfield form-wrapper" id="edit-field-your-email"><div id="field-your-email-add-more-wrapper"></div></div><div class="field-type-text field-name-field-your-url field-widget-text-textfield form-wrapper" id="edit-field-your-url"><div id="field-your-url-add-more-wrapper"></div></div><div class="field-type-text-long field-name-comment-body field-widget-text-textarea form-wrapper" id="edit-comment-body"><div id="comment-body-add-more-wrapper"></div></div><input type="hidden" name="timegate" value="1670602019"/> <div class="captcha"><input type="hidden" name="captcha_sid" value="12408306"/> <input type="hidden" name="captcha_token" value="2ffb2317c07bd4430c6b568cd67ccfa2"/> <input type="hidden" name="captcha_response" value="Google no captcha"/> <div class="g-recaptcha" data-sitekey="6LcfsmsUAAAAAHFd-Icx8OSWFwPxQwwgedpAuG-L" data-theme="light" data-type="image"></div><noscript> <div style="width: 302px; height: 352px;"> <div style="width: 302px; height: 352px; position: relative;"> <div style="width: 302px; height: 352px; position: absolute;"> <iframe src="http://web.archive.org/web/20221209175702if_/https://www.google.com/recaptcha/api/fallback?k=6LcfsmsUAAAAAHFd-Icx8OSWFwPxQwwgedpAuG-L&hl=en" frameborder="0" scrolling="no" style="width: 302px; height:352px; border-style: none;"></iframe> </div> <div style="width: 250px; height: 80px; position: absolute; border-style: none; bottom: 21px; left: 25px; margin: 0px; padding: 0px; right: 25px;"> <textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response" style="width: 250px; height: 80px; border: 1px solid #c1c1c1; margin: 0px; padding: 0px; resize: none;" value=""></textarea> </div> </div> </div> </noscript> <input type="hidden" name="captcha_cacheable" value="1"/> </div><div class="form-actions btn-wrap form-wrapper" id="edit-actions"><div class="center-comment-button"><input class="btn btn--3d btn--primary" type="submit" id="edit-submit" name="op" value="Leave comment"/></div></form></div></div> </div> </div> </div> </div> </section> </main> <footer role="contentinfo"> <div class="inner l-pull-left light l-gutter--top"> <div class="l-centre-offset row"> </div>  <div class="l-centre-offset row"> </div>  </div> <div class="inner l-pull-left medium"> <div class="l-centre-offset"> <div class="region region--4-up"> </div> </div>  </div>  <div class="c-main-site-footer">  <div class="c-main-site-footer__breadcrumb"> <div class="inner inner--main-site-footer"> <div class="c-main-site-footer-grid"> <div class="c-main-site-footer-grid__item u-6/12@medium u-9/12@large"> <nav class="c-main-site-footer__you-are-here" aria-label="Breadcrumb"> <p class="c-main-site-footer__you-are-here-title">You are in:</p> <div class="c-main-site-footer__you-are-here-item-home"> <a class="c-main-site-footer__you-are-here-link" href="/web/20221209175702/https://www.jisc.ac.uk/" aria-label="Jisc homepage"><i class="fas fa-home" aria-hidden="true"></i></a> </div> <ul> <li><a href="/web/20221209175702/https://www.jisc.ac.uk/blog">Blog</a></li><li><span>How multi-factor authentication can boost cyber security</span></li> </ul> </nav> </div> <div class="c-main-site-footer-grid__item u-6/12@medium u-3/12@large">   </div> </div> </div> </div>  <div class="c-main-site-footer__linklist"> <div class="inner inner--main-site-footer"> <div class="c-main-site-footer-grid"> <div class="c-main-site-footer-grid__item u-6/12@medium u-3/12@large"> <h2 class="c-main-site-footer__linklist-title">Areas</h2> <ul class="c-main-site-footer__linklist-group"><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/connectivity">Connectivity</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/cyber-security">Cyber security</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/cloud">Cloud</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/data-and-analytics">Data analytics</a></li></ul><ul><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/libraries-and-research">Libraries, learning resources and research</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/student-experience">Student experience</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/trust-and-identity">Trust and identity</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/advice">Advice and guidance</a></li></ul> </div> <div class="c-main-site-footer-grid__item u-6/12@medium u-3/12@large"> <h2 class="c-main-site-footer__linklist-title">Explore</h2> <ul class="c-main-site-footer__linklist-group"><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/guides">Guides</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="http://web.archive.org/web/20221209175702/https://beta.jisc.ac.uk/training">Training</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/consultancy">Consultancy</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="http://web.archive.org/web/20221209175702/https://beta.jisc.ac.uk/events">Events</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/rd">Innovation</a></li></ul> </div> <div class="c-main-site-footer-grid__item u-6/12@medium u-3/12@large"> <h2 class="c-main-site-footer__linklist-title">Useful</h2> <ul class="c-main-site-footer__linklist-group"><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/about">About</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/membership">Membership</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/get-involved">Get involved</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/news">News</a></li><li class="c-main-site-footer__linklist-item"><a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/jobs">Jobs</a></li></ul> </div> <div class="c-main-site-footer-grid__item u-6/12@medium u-3/12@large"> <h2 class="c-main-site-footer__linklist-title">Get in touch</h2> <ul class="c-main-site-footer__linklist-group"> <li class="c-main-site-footer__linklist-item"> <a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/contact"> Contact us </a> </li> <li class="c-main-site-footer__linklist-item"> <a class="c-main-site-footer__linklist-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/headlines"> Sign up to our newsletter </a> </li> <li class="c-main-site-footer__linklist-item"> <a class="c-main-site-footer__linklist-item-link-social" href="http://web.archive.org/web/20221209175702/https://twitter.com/jisc"> <i class="fab fa-twitter" aria-hidden="true"></i> <span class="c-main-site-footer__linklist-item-link-social-copy">Twitter</span> </a> </li> <li class="c-main-site-footer__linklist-item"> <a class="c-main-site-footer__linklist-item-link-social" href="http://web.archive.org/web/20221209175702/https://www.facebook.com/jiscsocial"> <i class="fab fa-facebook" aria-hidden="true"></i> <span class="c-main-site-footer__linklist-item-link-social-copy">Facebook</span> </a> </li> <li class="c-main-site-footer__linklist-item"> <a class="c-main-site-footer__linklist-item-link-social" href="http://web.archive.org/web/20221209175702/https://www.linkedin.com/company/jisc"> <i class="fab fa-linkedin" aria-hidden="true"></i> <span class="c-main-site-footer__linklist-item-link-social-copy">LinkedIn</span> </a> </li> <li class="c-main-site-footer__linklist-item"> <a class="c-main-site-footer__linklist-item-link-social" href="http://web.archive.org/web/20221209175702/http://www.youtube.com/user/JISCmedia"> <i class="fab fa-youtube" aria-hidden="true"></i> <span class="c-main-site-footer__linklist-item-link-social-copy">YouTube</span> </a> </li> </ul></div> </div> </div> </div>  <div class="c-main-site-footer__utilities"> <div class="inner inner--main-site-footer"> <div class="c-main-site-footer-grid"> <div class="c-main-site-footer-grid__item u-6/12@medium u-9/12@large"> <ul class="c-main-site-footer__utilities-list"><li class="c-main-site-footer__utilities-list-item"><a class="c-main-site-footer_utilities-list-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/website/cookies">Cookies</a></li> <li class="c-main-site-footer__utilities-list-item"><a class="c-main-site-footer_utilities-list-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/website/privacy-notice">Privacy</a></li> <li class="c-main-site-footer__utilities-list-item"><a class="c-main-site-footer_utilities-list-item-link" href="/web/20221209175702/https://www.jisc.ac.uk/about/corporate/slavery-and-human-trafficking-statement">Modern slavery</a></li> <li class="c-main-site-footer__utilities-list-item"><a class="c-main-site-footer__utilities-additional-link" href="/web/20221209175702/https://www.jisc.ac.uk/about/corporate/carbon-reduction-plan">Carbon reduction plan</a></li> <li class="c-main-site-footer__utilities-list-item"><a class="c-main-site-footer__utilities-additional-link" href="/web/20221209175702/https://www.jisc.ac.uk/website/accessibility-statement">Accessibility</a></li></ul> </div> <div class="c-main-site-footer-grid__item u-6/12@medium u-3/12@large"> </div> </div> </div> </div> </div> <script src="//web.archive.org/web/20221209175702js_/https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script> <script>window.jQuery || document.write("<script src='/sites/all/modules/contrib/jquery_update/replace/jquery/1.8/jquery.min.js'>\x3C/script>")</script> <script src="http://web.archive.org/web/20221209175702js_/https://www.jisc.ac.uk/sites/default/files/js/js_38VWQ3jjQx0wRFj7gkntZr077GgJoGn5nv3v05IeLLo.js"></script> <script src="//web.archive.org/web/20221209175702js_/https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/jquery-ui.min.js"></script> <script>window.jQuery.ui || document.write("<script src='/sites/all/modules/contrib/jquery_update/replace/ui/ui/minified/jquery-ui.min.js'>\x3C/script>")</script> <script src="http://web.archive.org/web/20221209175702js_/https://www.jisc.ac.uk/sites/default/files/js/js_HVnCCIgHRirQpRoFWonc_8bBPFRPIQcCowhXgVKGqmM.js"></script> <script src="http://web.archive.org/web/20221209175702js_/https://www.jisc.ac.uk/sites/default/files/js/js_yxpcsmG10aGVUSD90BA4qltlgKI1rbhnUmWB7jdXazY.js"></script> <script>(function ($) { Drupal.behaviors.a43d38af18af332b021 = { attach: function (context, settings) { $("input.a06ec_field").each(function() { f=$(this)[0]; if (f.value.indexOf("b02179f3")==0){f.value="c5"+f.value.substring(6)+"21792d3fb93f37ef61_form";} }); } }; })(jQuery);</script> <script>(function ($) { Drupal.behaviors.a43d38af18a215f3c56 = { attach: function (context, settings) { $("input.a3eb1_field").each(function() { f=$(this)[0]; tok2 = f.style.fontFamily; if(tok2.charAt(0) == "'" || tok2.charAt(0) == '"') tok2=tok2.substring(1, tok2.length-1); tok2=tok2.substring(1, tok2.length); if (f.value.indexOf("3c563215f3")==0){f.value="13"+f.value.substring(5)+tok2;} }); } }; }(jQuery));</script> <script src="http://web.archive.org/web/20221209175702js_/https://www.jisc.ac.uk/sites/default/files/js/js_wbggZomfV-DSGP6P1MIUfZMdnhr6ALYxidVUJsoA5ZQ.js"></script> <script src="http://web.archive.org/web/20221209175702js_/https://www.google.com/recaptcha/api.js"></script> <script src="http://web.archive.org/web/20221209175702js_/https://www.jisc.ac.uk/sites/default/files/js/js_-bYDucO2dMNyh_p388rTq6juq7Bml1CFSjiR67jUMB4.js"></script> <script src="http://web.archive.org/web/20221209175702js_/https://www.jisc.ac.uk/sites/default/files/js/js_gGSozz5nhS9RR6GeFycLd0mjTBR0-860cSp4ccsVjF8.js"></script> <script>jQuery.extend(Drupal.settings, {"basePath":"\/","pathPrefix":"","ajaxPageState":{"theme":"jisc_clean","theme_token":"GEM03CzbJMiI0p7y9FTbBIWm-7feI0b4oXc2Oh3t3v4","jquery_version":"1.8","js":{"\/\/web.archive.org\/web\/20221209175702\/https:\/\/ajax.googleapis.com\/ajax\/libs\/jquery\/1.8.3\/jquery.min.js":1,"0":1,"misc\/jquery-extend-3.4.0.js":1,"misc\/jquery-html-prefilter-3.5.0-backport.js":1,"misc\/jquery.once.js":1,"misc\/drupal.js":1,"\/\/web.archive.org\/web\/20221209175702\/https:\/\/ajax.googleapis.com\/ajax\/libs\/jqueryui\/1.10.2\/jquery-ui.min.js":1,"1":1,"sites\/all\/modules\/contrib\/jquery_update\/replace\/ui\/external\/jquery.cookie.js":1,"sites\/all\/modules\/contrib\/jquery_update\/replace\/jquery.form\/4\/jquery.form.min.js":1,"misc\/jquery.ba-bbq.js":1,"misc\/ajax.js":1,"sites\/all\/modules\/contrib\/jquery_update\/js\/jquery_update.js":1,"sites\/all\/modules\/custom\/jisc_search_section\/js\/jiscSectionSearch.js":1,"2":1,"3":1,"sites\/all\/modules\/contrib\/captcha\/captcha.js":1,"sites\/all\/modules\/contrib\/views\/js\/base.js":1,"misc\/progress.js":1,"sites\/all\/modules\/custom\/jisc_ia_nav\/js\/JiscIaNav.js":1,"http:\/\/web.archive.org\/web\/20221209175702\/https:\/\/www.google.com\/recaptcha\/api.js":1,"sites\/all\/modules\/contrib\/views\/js\/ajax_view.js":1,"sites\/all\/themes\/mothership\/mothership\/js\/contextual.js":1,"sites\/all\/themes\/jisc_clean\/js\/jisc-lib.min.js":1,"sites\/all\/themes\/jisc_clean\/js\/extras.js":1,"sites\/all\/themes\/jisc_clean\/js\/integration\/timeline.js":1,"sites\/all\/themes\/jisc_clean\/js\/jisc-p13n.js":1},"css":{"modules\/system\/system.base.css":1,"modules\/system\/system.messages.css":1,"0":1,"1":1,"sites\/all\/themes\/jisc_clean\/css\/content.css":1,"sites\/all\/themes\/jisc_clean\/css\/print.css":1}},"jiscFlashPath":"\/sites\/all\/themes\/jisc_clean\/flash\/","searchAutocompletePath":"\/server\/search-results","urlIsAjaxTrusted":{"\/search":true,"\/views\/ajax":true,"\/search\/60323":true,"\/blog\/how-multi-factor-authentication-can-boost-cyber-security-28-nov-22#comment-form":true},"facetapi":{"view_args":{"popular_content:block_2":[],"search:block_4":["60323","blog_post","60323","blog_post","60323","blog_post"],"popular_content:block_2-1":[],"search:block_4-1":["60323","blog_post"]},"exposed_input":{"popular_content:block_2":[],"search:block_4":{"sort_by":"search_api_relevance","sort_order":"DESC"},"popular_content:block_2-1":[],"search:block_4-1":{"sort_by":"","sort_order":"DESC"}},"view_path":{"popular_content:block_2":null,"search:block_4":"search","popular_content:block_2-1":null,"search:block_4-1":"search"},"view_dom_id":{"popular_content:block_2":"f03cd07fc4aa9292473703a5c3e2fc01","search:block_4":"4f062bd589e2f56ca3a1a4ec868b062c","popular_content:block_2-1":"061df8d4761afe8edfa4b2bc0b1cc2e7","search:block_4-1":"a523117daed47d7450fde74cca6d1ee3"}},"views":{"ajax_path":"\/views\/ajax","ajaxViews":{"views_dom_id:4f062bd589e2f56ca3a1a4ec868b062c":{"view_name":"search","view_display_id":"block_4","view_args":"60323\/blog_post","view_path":"node\/60323","view_base_path":"search","view_dom_id":"4f062bd589e2f56ca3a1a4ec868b062c","pager_element":0},"views_dom_id:a523117daed47d7450fde74cca6d1ee3":{"view_name":"search","view_display_id":"block_4","view_args":"60323\/blog_post","view_path":"node\/60323","view_base_path":"search","view_dom_id":"a523117daed47d7450fde74cca6d1ee3","pager_element":0}}},"quicktabs":{"qt_rhs_blogs":{"name":"rhs_blogs","active_tab":"0","history":0}}});</script> </body> </html>

CINXE.COM

How multi-factor authentication can boost cyber security | Jisc