Information Technology Services IT Security Office
 

2FA is now required for all employees to access Patriot Web and Banner-related applications.

  PP + Duo transparent background  

ABOUT TWO-FACTOR AUTHENTICATION (2FA)

Learn more about 2FA at Mason and how to get started by clicking on the links on the right navigation bar. Please contact the ITS Support Center with any questions.

What is 2FA?

2FA uses two factors to verify you are who you say you are. 2FA makes your personal information less vulnerable and helps prevent anyone but you from accessing your accounts, even if they know your Patriot Pass Password.

  • The first factor (something you know)
    is the verification of the Mason NetID and Patriot Pass Password, and
  • The second factor (something you have)
    is generally a smartphone, but other options are available.

Mason uses Duo Security to deliver 2FA when using Patriot Web and all Banner-related applications, Cisco AnyConnect VPN, and applications protected by Mason's Central Authentication Service (CAS) such as the Travel Request System, and Libraries.

WHO NEEDS TO USE IT?

Employees (all faculty, staff, and student workers) — mandatory

Students — optional (at this time)

When do I need to use it?

You will need to use 2FA when you use the applications and services protected by Mason's Central Authentication Services (CAS) and the Cisco AnyConnect VPN. Read more about Mason's Cisco AnyConnect VPN.

How do I use it?

Mason employees log in with their NetID and Patriot Pass Password (1st factor) and confirm their identity using a physical device (2nd factor). The physical device may be a smartphone, tablet, mobile phone, or landline phone. See the List of 2FA Authentication Options.

See Use 2FA for Web Applications or Use 2FA for VPN

Picture of how 2FA works

Why USE 2FA - Mason's Commitment to Cyber Security

Universities are attractive targets for cyber criminals due to the large amounts of information that they want including your personal and banking data. Passwords alone no longer serve as enough protection and, if compromised, could result in your information getting into the wrong hands.

Mason's goal is to provide security beyond your password. Increasing usage of 2FA is the latest step in a series of projects ITS is doing to protect Mason employees against phishing scams and related cyber vulnerabilities. Previous steps included:

  • Introducing required security questions to access sensitive information within Patriot Web
  • Updating Mason's Virtual Private Network (VPN) client to improve functionality and usability
  • Requiring use of Mason's VPN when off-campus and on wireless networks to access highly sensitive applications for increased comprehensive protection
  • Requiring use of 2FA when using the Cisco AnyConnect VPN for added layer of protection
  • Upgrading Central Authentication Service (CAS)-which Mason uses for authenticating individuals for a variety of websites-and implementing 2FA to the CAS login process to reduce impact of compromised credentials
  • Retiring Patriot Web security questions and implementing CAS with 2FA for Patriot Web and other Banner-related applications