Starting this summer, UW–Madison will require all new students to enroll in multi-factor authentication (MFA) via the Duo service by July 1.
This new deadline (previously, students had to enroll by the 2nd week of the fall semester) will help ensure student NetIDs and email accounts are more secure during the vulnerable period as they learn about campus life and the university’s digital services.
What’s next
Starting June 1, students will start seeing pop-up reminder notifications when they login to their email or other university digital services using their NetIDs. The pop-ups will appear once per week at first, increasing to daily notifications the week before the July 1 deadline.
Students who need to use a fob for MFA codes will receive additional time before the requirement kicks in. International students from countries with U.S. export controls will also have more time to enroll.
Having trouble? Contact the DoIT Help Desk for support setting up and using Duo on your phone, tablet or fob.
What’s at stake
Online attackers are always looking for vulnerable accounts to take over. They use compromised accounts for spear phishing, distributing malware, stealing personal data and other harmful purposes. Last year, attackers compromised more than 150 new student accounts (1.7% of all new students) before the fall semester began.
Compromised NetIDs can greatly harm the new student experience. They put the students at risk for identity theft, expose their private information, temporarily lock them out of email and other university services, and add considerable stress during a pivotal transition time for new Badgers.
Enrolling in MFA-Duo sooner will help protect new students from attackers by adding an extra layer of security on the NetID they use to access university services like email, Canvas, and more.