Additional login protections for New Paltz students

Posted on by

In order to better protect the computer accounts of New Paltz students, we are expanding our use of the Duo service (which is already required for faculty and staff) to protect students as well.

What is Duo?

Duo is a Multi-Factor Authentication (MFA) service. MFA protects your login so that in addition to something you know (your username & password), you also need a physical object you have (typically a smartphone with the Duo app – but physical USB security keys are also available for those who do not have smartphones). With this in place, a cyber-criminal can’t just login to an account (even if they’ve gotten your password via phishing, malware, or due to password reuse from other compromised sites).

How will it work at New Paltz?

Aside from anyone who has had a previous account compromise – we are initially asking students to opt-in to Duo. To better protect your New Paltz accounts, you just need to:

  • Download the free Duo Mobile app on your smartphone
  • Then go to: https://www.newpaltz.edu/duo-signup
  • Once you do, you’ll be automatically enrolled in Duo within the hour – such that your next login to a Duo protected service (my.newpaltz.edu, Blackboard, Office 365, VPN, and a number of others) will prompt you to setup the Duo app.

There are some systems which will require Duo sooner rather than later:

  • As of Friday, May 1, the College’s VPN service will require Duo. If you are not in Duo and you try to log in to our VPN after May 1, you’ll be prompted to set it up.
  • As of June 1, Office 365 will require Duo to login. As with the VPN, if you are not in Duo and try to log in to it after June 1, you’ll be prompted to set it up.
  • Sometime in the fall semester (date to be determined but it will be announced in advance), we will be requiring Duo to access systems like Blackboard or the electronic payment site CashNet.

For more information on how Duo works, see our Duo Frequently Asked Questions at: www.newpaltz.edu/duo

If you have any questions that are not covered by that FAQ, please email me (chauvetp@newpaltz.edu).

P.S.  If you are graduating (congratulations if so!) – and don’t use Office 365 or the VPN – you can ignore this message. For now at least, our license for the Duo service does not cover alumni – so you will continue to be able to access Hawkmail or my.newpaltz.edu as an alumni without Duo.

Paul Chauvet, CISSP
Information Security Officer