October is Cybersecurity Awareness Month.
During October for Cybersecurity Awareness Month, the Information Security Office is highlighting security practices so you can protect your digital identity and Rice resources.
ABOUT MULTI-FACTOR AUTHENTICATION (MFA)...
Rice University uses Duo Security as its MFA solution.
It provides extra security by confirming your identity when logging into accounts, like entering a code texted to a phone or generated by an authenticator app. Push notifications are also common methods of multi-factor authentication, including those from the Duo Security app.
But MFA is is not just for Rice resources.
Turn on MFA wherever you need extra protection, like your online bank and your personal email. Look up the MFA options for your favorite apps and websites!
Implementing MFA can make you 99% less likely to get hacked.
This added step prevents unauthorized users from gaining access to your accounts, even if your password has been stolen or exposed.
BE AWARE OF "MFA FATIGUE" ATTACKS
Some Rice community members have reported receiving multiple authentication requests from Duo that they did not prompt. This is known as an MFA Fatigue attack.
An MFA Fatigue attack – also known as MFA Bombing or MFA Spamming – is a cyberattack strategy where attackers repeatedly push authentication requests to the target victim’s email, phone, or registered devices. The goal is to coerce the victim into confirming their identity via notification in order to get the requests to stop. In order for an attacker to accomplish this attack they must have a stolen password.
If this happens to you, report it to the OIT Help Desk and reset your password immediately at mynetid.rice.edu.
For more tips and knowledge about security, please visit our website: iso.rice.edu
Thank you for helping us maintain a culture of security at Rice!
Information Security Office
Rice University