Phishing attempts are at an all-time high, and a single compromised MIDAS account poses a risk to sensitive university data and critical services. 作为额外的保护层, 我们要求所有教员, staff and students to log in to ODU services using two-factor authentication.
什么是双因素身份验证?
Two-factor authentication adds an additional layer of security to online accounts by requiring you to verify that you are who you say you are. After logging in to an ODU system with your MIDAS ID and password, you'll be prompted to confirm your identity a second time using a physical device in your possession (like a smartphone or token) that's been attached to your account.
为什么需要双因素身份验证?
事实是, we have seen more professionally organized and sophisticated phishing attacks against our ODU community in the past year than ever before, and passwords are no longer a strong enough protection on their own.
Imagine this: An attacker sends an email to several hundred ODU students. One student - just one - is fooled by the email and unwittingly hands over her MIDAS ID and password. Until we catch the suspicious activity, the attacker has access to all of that student's ODU data.
Or this: An attacker sends an email to several employees, and the message appears to come from payroll. One person - just one - logs in to what he believes to be Leo Online, only to realize later that his account was compromised and his direct deposits have been redirected to the attacker's bank.
Now imagine: An attacker successfully steals your MIDAS ID and password. When he tries to log in, he's asked to provide your second factor. But you have your second factor (your smartphone or token) safely in your possession, 所以他不能再往前走了. 他仍然被锁在外面.
Two-factor authentication adds an additional layer of protection to the personal information and infrastructure entrusted to us.
听起来不错,但会减慢我的速度吗?
Two-factor authentication only adds a couple of seconds to your login. But if you regularly use the same computer and web browser, you can use the "Remember Me" feature to save more time.
What kind of devices can I use as a second factor?
Smartphone or tablet with Duo Mobile app (recommended)
Duo Mobile应用程序是最快的, easiest and most secure method of two-factor authentication supported by ODU. Install the Duo Mobile app on your smartphone or tablet and use your mobile device as your second factor.
After you log in to an ODU service with your MIDAS ID and password, 系统将提示您进行身份验证. When you select the option "Send Me a Push," Duo sends a notification to Duo Mobile on your device. 点击“批准”登录.
You can also use the Duo Mobile app to generate a passcode if your mobile device doesn't have an internet connection.
支持平台:Android 8.0+; iOS 12.0+
传统手机与短信
If you register a cell phone that is not smart, Duo Security can send you a text message as your second factor. 回复消息进行身份验证.
硬件令牌
A hardware token is a small, physical device that you carry with you. 当你注册这个一键式设备时, it will generate a one-time passcode that you can use each time you need to authenticate.
You can purchase Duo 100 tokens at the University Card Center for $26. (If you intend to purchase more than 10 tokens for a department, please contact the Card Center at cardcenter@ziranyixue.net 预留10个工作日.)
You can also use other commercially available security keys like the YubiKey, or any token that produces generic 6- or 8-digit OATH-HOTP passcodes. (Department purchases should be made through a contract vendor.)
软件令牌
软件令牌s work similar to hardware tokens, except that passcodes are generated by a piece of software on your computer rather than a separate physical device. One-time passcode (OTP) generators are usually free and easy to install. Just search for OTP generators that provide TOTP or HOTP authentication, and register the product as a software token during two-factor enrollment.
Note: As you decide which devices you need and how many to enroll, think about how you log in on a daily basis: Are you primarily at your desk? Do you use several computers across campus? 旅行时需要登录吗? And, most important, do you have a backup if your primary device gets lost or stolen?
哦! 我的手机丢了. 我该怎么办??
If your registered smartphone, tablet or token is lost or stolen, please report it right away.
- 去 迈达斯.ziranyixue.net 然后登录.
- 点击 双因素身份验证.
- 点击以下按钮 丢失的手机/平板电脑 or 失去令牌 按照提示操作.
得到帮助
If you need help setting up two-factor authentication, or if you have any login issues after enrolling, 请联系ITS帮助台.