skip to content
  • Calendar
  • Maps

Two-Factor (2FA) Authentication

What is 2FA and why do we need it?

With the ever increasing malicious activities worldwide, the threat of identity theft and loss of data is always a concern. Weber State University must take actions to ensure that campus credentials and private information are not compromised, especially when working with data relating to the Family Educational Rights and Privacy Act and the Health Insurance Portability and Accountability Act . WSU and all higher education industries are dedicated to the protection of our mission-critical information systems and applications that containing Personally Identifiable Information , Personal Health Information , Payment Card Industry Data Security Standard and other confidential information.

The problem is not just phishing, weak passwords, shoulder surfing, or keystroke logging. These are types of attacks. What is of most concern is compromised credentials. By implementing two-factor authentication we are adding an additional layer of defense to maintain security and stay in compliance with government mandates.

Two-factor authentication (also known as 2-factor, dual factor, 2FA, or 2-step verification) is a way of confirming or validating a user's claimed identity by using a combination of two different components during the authentication mechanism of a connection.

Two-factor authentication is a type of multi-factor authentication. Multi-factor authentication (MFA) is a technique of computer access control in which a user is only granted access after successfully presenting several separate pieces of evidence to authenticate a user – typically at least two of the following types of categories are used for 2-factor to be implemented.

The categories are:
  • Something the user knows, like a password or PIN.
  • Something the user has, such as a fob (A fob, commonly called a key fob, is a small security hardware device with built-in authentication used to control and secure access to network services and data. The key fob displays a randomly generated access code, which changes periodically, usually every 30 to 60 seconds.), phone, or ATM card (Smart cards are credit card-sized devices that hold a small computer chip).
  • Something the user is, (e.g. fingerprints, retina, or voice pattern.)

The reason to use 2-factor authentication is to provide enhanced security for access to accounts, services or systems. It can help to protect access to your accounts in the event that your password is stolen or your account was compromised.

  • Authentication Mechanism: a procedure for authentication. It specifies a challenge-response protocol in which data is exchanged between a client and a server for the purposes of authentication.
  • Authentication and Security: Authentication is essential for security. It is the process of confirming the identity of a user (or in some cases, a machine) that is trying to log on or access WSU resources. There are a number of different authentication mechanisms, but all serve this same purpose.
  • Authentication vs. Authorization: It is easy to confuse Authentication with another element of the security called Authorization. While Authentication verifies the user’s identity, Authorization verifies that the user has permission to access a resource.

The two work together. Authentication occurs first, then Authorization.

Learn More About 2FA

2FA at WSU

Duo is a third party 2FA system that the university has implemented. It helps to protect access to your accounts in the event that your password is stolen or compromised.

Learn about DUO

2FA for Personal Accounts

You may use 2FA to secure access to your personal email accounts, gaming accounts, banking or online shopping accounts.

Personal 2FA

Lock Down Your Login


This video was published on Sep 30, 2016 (See

72 percent of Americans believe their accounts are secure with only usernames and passwords, yet every two seconds there is another victim of identity fraud. Your usernames and passwords are not enough to keep your accounts secure. You have enough to worry about, so what can you do about it? Luckily, there’s a simple and quick way to put you in control of your personal information and keep your key accounts like email, banking and social media safer - it's called strong authentication. Turning on strong authentication can give everyone greater peace of mind to chat, play, shop and connect across the web.

Learn how you can Lock Down your Login:
Share using #LockDownURlogin