Exploring multi-factor authentication for better security at UB

Published March 14, 2019 This content is archived.

by Grace Golabek

A project by UB MBA students demonstrates the value of multi-factor authentication for greater information security at UB.

Print

Author

UBIT Student Ambassador Grace Golabek.

Grace Golabek (UB student, Class of 2019) is a Business major with a minor in Mandarin Chinese. After graduating from UB, she hopes to attend law school, pursue a career as a civil rights attorney, and revive the trend of pink business suits. A Hamburg, NY native, Grace enjoys conspiracy theories and writing.

The students, part of UB School of Management’s LeaderCORE program, were asked to partner with a company or organization as part of a semester-long project. They remembered a guest lecture given in one of their classes by UB Vice President and Chief Information Officer Brice Bible, and suggested a partnership with UBIT.

VPCIO Bible met with the team and presented them with a list of projects that UBIT is currently exploring for the university. One project stood out: bringing multi-factor identification (MFA) to UB.

What is MFA?

Multi-factor authentication increases online security by requesting additional identification measures from someone who enters a password.

At UB, for example, it might mean entering a verification code sent to your phone when logging into MyUB.

Could MFA work at UB?

Over the course of the project, the team worked with Bible to explore the challenges of implementing MFA as an additional security measure at UB. The group surveyed faculty and students to gauge their opinions about MFA and identify potential obstacles to its implementation.

Convenience vs. security

“I was surprised with the results of the survey,” said Keiara Wilson, a member of the student team. “I assumed people would think MFA was too tedious a process for logging in, but the majority of people supported it.”

“The way the survey was set up educated people on the benefits of MFA,” Wilson continued. “In the end, I think people are willing to sacrifice a little convenience for more security.”

Everyone gets a second layer of security

Because MFA commonly uses another device, like a mobile phone, to verify your identity, another obstacle presents itself: not all people have cell phones to verify their identity.

But there are other ways to receive a verification code. The group proposed that, if a student or faculty member did not have a cell phone, they could have the verification code emailed to them through a personal email address. They could also access the code though an app.

The majority of customers surveyed said that having the verification code texted to them was their preferred method.

Security at UB

Information security is a top priority for UBIT. Multi-factor authentication is one option being explored to make UB students, faculty and staff safer online.

For more information about stay safe online and protecting your accounts, visit buffalo.edu/ubit/safe.