Grant Dillard
Staff Writer
On Oct. 1, the University administration made it mandatory for all students and employees to use a two-factor authentication system to log in to myGate.
The two-factor authentication system will affect any applications that use myGate credentials including Canvas, Service Log and Banner.
If students and employees have not signed up, a notification screen will be presented every time the user logs in with their myGate credentials until they have enrolled.
Users who are not enrolled in the myGate two-factor authentication system by Oct. 22 will be unable to access any of these systems until they have completed the enrollment process, according to an email sent to faculty, staff and students from the administration.
To enroll in the program, users can log in to myGate and click on the blue “enroll in myGate 2FA now” button on the home tab.
The most preferred method of setting up the two-factor authentication is by downloading the Duo Mobile app on users’ cellphones. However, users may choose a combination of many other options including text messages, phone calls, tablets, TouchID on supporting Macs, USB security keys or backup passcodes.
It’s recommended to set up a combination of backup methods in case users do not have access to their mobile devices.
If users frequently use the same computer, they can also have the two-factor authentication system remember the user for 30 days, so they will not be required to authenticate every time they access myGate.
However, the 30 days option only applies to the exact browser and computer it has previously been enabled on.
Systems like two-factor authentication are important, as usernames and passwords are no longer secure enough on their own to protect student and staff accounts from unauthorized access, according to the Murray State TeamDynamix website.
Brian Purcell, interim chief information officer of information systems, said the University’s implementation isn’t part of an ongoing trend of increasing security, but is a necessary change to augment the security of reusable passwords.
“Murray State is adding this to our authentication for web-accessible applications to protect personal data of not only students but also faculty and staff,” Purcell said.
The implementation of the new system is not a direct reaction to any security breaches, but rather the addition of an appropriate security control to protect data and computing resources, Purcell said.
Laura Castleberry, assistant director for information systems, said the new system is necessary, given the advancements in technology over the years.
“As technology evolves and more personal data is available online, users expect that the online resources they access will provide privacy and security,” Castleberry said. “This is something Murray State University takes seriously and will continue to improve upon.”
Castleberry also said many institutions in Kentucky have implemented other forms of multi-factor authentication to varied degrees.
Western Kentucky University started using two-factor authentication on Feb. 25 and University of Kentucky began the system’s use on July 17.
For those still confused on how to sign up, step-by-step instructions for different devices can be found here. Those having issues can also contact the service desk at 270-809-2346 or [email protected]. Students can also stop by their office on the 3rd floor of Applied Science North during regular business hours.
