Skip Navigation
Services

The Importance of MFA

You hear about it almost every day in the news. Hackers are successfully gaining access to corporate resources; stealing data and causing harm to the reputation of organizations and individuals alike. It is IT's role to stop them. We've made some significant advancements, but we still have a ways to go. One of the biggest attack vectors is when a user's account becomes compromised by a hacker who has correctly figured out a user's password. Report after report state how insecure the almighty username and password is, yet we rely on this single form of authentication everyday. An account which has been protected with multiple forms of authentication makes hacking much more difficult, if not nearly impossible. 

What is Multi-Factor Authentication?

Multi-Factor Authentication is also known as MFA or Two-Factor Authentication (2FA). As the name suggests, it means combining more than one method of authentication to verify your identity. There are all sorts of interesting ways to implement this including using your fingerprints and asking you a series of personal questions. Some methods are more secure than others. Thanks to sites like Facebook guessing your first dog's name isn't as difficult as it was years ago. Here at Johns Hopkins, we offer three forms of secondary authentication: time based one-time passcodes (myIT Login Code), text message based one-time passcodes (myIT Security Alerts), and Secret Questions and Answers

Why can't I just continue to just use a password?

To be honest, they are usually too short and too easy to guess. Have you ever created a password with a number on the end and just incremented the number by one each time you have to change it? Have you ever used the same password for multiple websites? We could go on and on as to why passwords are insecure. One way to combat a weak password is with the incorporation of a second piece of authentication (something you have, something you know, or something you are). This is known as Multi-Factor Authentication (MFA).

Using the JH Pulse Secure VPN with Multi-Factor Authentication

To increase our security presence here at Johns Hopkins, our VPN requires the use of your myIT Login Code whenever you want to connect.  When you launch the VPN, you will be required to log in with your JHED ID, password, AND your myIT Login Code.  For more information, please visit our Setup Instructions page.

 

If you have any problems or questions, please contact enterpriseauth@jhmi.edu.