Information Technology Services IT Security Office

  Coming April 15, 2018 (All Employees):
  2FA for Patriot Web and Banner-related applications


Learn more about 2FA at Mason and how to get started by clicking on the links on the right navigation bar. Please contact the ITS Support Center with any questions.

What is 2FA?

2FA uses two factors to verify you are who you say you are. 2FA makes your personal information less vulnerable and helps prevent anyone but you from accessing your accounts, even if they know your Patriot Pass Password.

  • The first factor (something you know)
    is the verification of the Mason NetID and Patriot Pass Password, and
  • The second factor (something you have)
    is generally a smartphone, but other options are available.

Mason uses Duo Security to deliver 2FA when using the Cisco AnyConnect VPN and applications protected by Mason's Central Authentication Service (CAS) such as the Travel Request System, and Libraries. On April 15, 2018, ITS will introduce 2FA for Patriot Web and all Banner-related applications.

Picture of how 2FA works


Employees (all faculty, staff, and student workers) — mandatory

Students — optional (at this time)

When do I need to use it?

You will need to use 2FA when you use the applications and services protected by Mason's Central Authentication Services (CAS) and the Cisco AnyConnect VPN. Read more about Mason's Cisco AnyConnect VPN.

How do I use it?

Mason employees log in with their NetID and Patriot Pass Password (1st factor) and confirm their identity using a physical device (2nd factor). The physical device may be a smartphone, tablet, mobile phone, or landline phone. See the List of 2FA Authentication Options.

See Use 2FA for Web Applications or Use 2FA for VPN

When is this happening?

ITS is working within the following project timeline:

February 20, 2018

    Upgrade CAS and implement 2FA for CAS applications and services (e.g. the Travel System, Libraries, etc.)

February 20, 2018

    2FA for CAS required (for previously 2FA enrolled employees)

March 1, 2018

    University-wide voluntary enrollment/2FA integration with Patriot Pass password change process

April 2018

    Implement CAS with 2FA for Banner applications/decommission Banner security questions

April 15, 2018

    Mandatory use for all employees using Patriot Web/Banner

Why USE 2FA - Mason's Commitment to Cyber Security

Universities are attractive targets for cyber criminals due to the large amounts of information that they want including your personal and banking data. Passwords alone no longer serve as enough protection and, if compromised, could result in your information getting into the wrong hands.

Mason's goal is to provide security beyond your password. Increasing usage of 2FA is the latest step in a series of projects ITS is doing to protect Mason employees against phishing scams and related cyber vulnerabilities. Previous steps included:

  • Introducing required security questions to access sensitive information within Patriot Web
  • Updating Mason's Virtual Private Network (VPN) client to improve functionality and usability
  • Requiring use of Mason's VPN when off-campus and on wireless networks to access highly sensitive applications for increased comprehensive protection
  • Requiring use of 2FA when using the Cisco AnyConnect VPN for added layer of protection
  • Upgrading Central Authentication Service (CAS)—which Mason uses for authenticating individuals for a variety of websites—and implementing 2FA to the CAS login process to reduce impact of compromised credentials
  • Coming April 2018: Retire Patriot Web security questions and implement CAS with 2FA for Patriot Web and other Banner-related applications