CSU to implement two-factor authentication for campus networks

Yixuan Xie

With increasing issues of data leaks in the digital era, Colorado State University will require students, faculty and staff to use a two-factor authentication system beginning April 25, which requires users to use two different methods to identify themselves, such as entering a username and password, by adding a second level of authentication to the log-in process.

According to Dave Hoffman, the project manager for Academic Computing Network and Services, there are two reasons to use the two-factor authentication: to better protect personal identity information of each individual on campus and to protect the intellectual property of the University, such as research information.


“There are places being hacked,” Hoffman said, referencing how ransomware affected the Colorado Department of Transportation in late February. “Hackers encrypt all of your data and all of your computer to demand a ransom somewhere in order to unlock it all. We just need to protect ourselves from those things.”

At CSU, users will be required to use a phone or another token in addition to their username and password in order to complete the login. Registering a second-factor device began March 19, but students and faculty can still register a second device by clicking on the Sign-Up/Modify Devices button on the www.authenticate.colostate.edu website.

According to the ACNS website, students, faculty and staff can register the following devices:

  • A smartphone (Recommended) with the Duo mobile app, which can be downloaded from a phone’s app store. Students, faculty and staff can also generate a six-digit code using the Duo app that can be entered to validate someone’s identity.
  • Any phone number can be registered from a cell phone, desk phone, home phone, etc. and the system will call the number provided to validate one’s identity.
  • A hardware token, which can be purchased from RamTech for $23.75 and will generate a six-digit code that you can use.

Hoffman said the Central IT Technical Support Helpdesk has been testing two-factor authentication at CSU for the last two years. As of the morning of March 21, 1,800 people had already registered, and over the last six months, a little over 13,000 people have used the service.

Hoffman said students will benefit from two-factor authentication by feeling more comfortable that their data, which they may not want publicly shared, is being protected.

“Anytime you have to log in with your username and your password, there are lots of people that are trying to figure out what that information is through phishing attacks and through a lot of other methods,” Hoffman said. “But, if people could get your user ID and your password, they still cannot log in to your account if you have two-factor authentication set up, unless they also have your cell phone or whatever you are using as a second-factor device.”

The first phase to implement two-factor authentication will be restricted to anyone using the secure.colostate.edu web portal or the Pulse Secure desktop or mobile client to connect to CSU. Hoffman said anyone who has never used secure.colostate.edu to login or Pulse Secure will not be affected.

Hoffman said ACNS is considering using email for the second phase of protecting campus networks.

“That would not be necessarily your Ram account on Google because you can currently set up Google for two-factor authentication if you want to. But if you have an Office365 account, you will be required at some point (in) time to use two-factor authentication,” Hoffman said. “All new students starting spring of 2019 will be provisioned with an Office365 account.”

“We would recommend each person register a back-up device in case you lose your phone or forget it at home or the battery is dead,” Hoffman said.


For people who travel internationally, Hoffman said they can use a token or register international phone numbers.

Grace McKevitt, a sophomore nutrition and food science major, said she really likes the change.

“I like it because it reduces the risk of some people hacking into your account where you have a lot of stuff,” McKevitt said.

Kimberly Lopez, a sophomore biological science major, said she can see the pros of two-factor authentication.

“I don’t think it’s that much extra work because there are a ton of other pop-ups that ask you to verify your identity,” Lopez said. “It is better to have that security.”

Collegian reporter Yixuan Xie can be reached at news@collegian.com or on Twitter @YixuanXie1.