CIO'S MESSAGE - October 27, 2022

Cybersecurity Awareness Month – MFA Top Tips

Dear Students and Colleagues,

CSULB has been using multi-factor authentication (MFA) for approximately two years now. During this time we have seen the great benefit this additional level of account security provides our campus (check out MFA at CSULB for a refresher). As with any security measures, however, there is often more that we can do to enhance our security. Below are our top four tips to further protect your account

Image
Multi-factor authentication infographic. Text in image duplicated below


Tip #1: Authenticator App
Use Microsoft Authenticator app for Android and iOS phones. Authenticator apps are more secure than SMS or phone calls, and they provide additional features, such as viewing your recent login activity. Learn how to change and manage your MFA login methods and devices.

Tip #2: Deny Unexpected 2nd Factor Requests
Be aware of the authentication notifications you are receiving. If you do not recognize or did not attempt to log in with an authenticated service, but still receive a second-factor request, do not approve it.

Tip #3: Backup Plan
Have a backup plan in the event your device is replaced, lost, or stolen. Register more than one device and phone number. Learn how to manage and change your default MFA login methods.

Tip #4: “Passwordless” and Location Features
Consider using new multi-factor authentication enhancements, including “passwordless login” and location verification.

Bonus Tip: Use MFA Where Available
See if your non-CSULB accounts offer MFA, such as your financial institutions, by referring to this directory. Using MFA on as many of your accounts as possible provides you with extra protection, which reduces the likelihood of accounts becoming compromised.

More Fun and Learning Opportunities
The CSU is hosting several webinars (including topics on cybersecurity degrees and certifications) and a student poster contest to mark the month. Visit Cybersecurity Awareness Month for more information.

Cuc Du

Information Security Officer