We now use the internet for a broad range of tasks and these often use, store, or otherwise include sensitive information. So we take steps to ensure that our accounts, information and web-based resources are secure against unauthorized incursion, identity theft, and other forms of criminal activity. ITS has recently upgraded our security toolset for Canisius College, and we need to take a few steps so that our Canisius accounts are properly protected using these tools.
All Canisius College students, faculty and staff are required to configure and begin using Multi-Factor Authentication (MFA) by Wednesday, March 15th, 2023.
Those currently using MFA need to change their password, renew their security questions and answers, and verify that the email and mobile phone settings for MFA are correct.
Setting up or renewing your MFA configuration is quick and easy. Once it is activated, even if someone else somehow obtains your password, they cannot use it to log into your Canisius online resources, if they do not know the answers to your security questions, know or have access to your other email address, or have in hand your mobile phone.
We have a tutorial to show you how to configure MFA:
Here are some additional tips:
- Enable two forms of multi-factor authentication on your account. This means you have multiple options, ensuring that you can always access your Canisius account when you need to.
- Provide answers to questions that you are likely to remember but are not obvious. For example, your answer to “Favorite Sports Team:” shouldn’t be “Bills” or “Sabres,” but instead perhaps a fictional team from a movie, with upper- and lower-case characters, intentional misspellings, and letters changed to similar numbers or symbols, such as “Av*rag* J0*’s Gym”.
- Once it is completed, your password can remain the same for a full year (instead of the previous 180 days.)
- When you complete multi-factor authentication on your Canisius computer, check the box for “Trust this device.” This means you won’t be prompted for more than your password, such as your MFA options, for thirty days on that device, or until you clear your browser cache (or change time zones.)
- Digital Authenticator apps such as Google Authenticator are efficient options and useful across other MFA-required sites, such as banking, shopping or social media. They are not required for Canisius MFA but are worth considering. We use them in COLI.