Multi-Factor Authentication Will Do More Harm Than Good
October 26, 2017
NYU Information Technology’s new level of security, known as Multi-Factor Authentication, will become a requirement for all faculty and students starting Nov. 6. Some unlucky individuals, myself included, have already been forced to opt into the program in order to work on campus or because they belong to a certain department that has been testing the security system. However, students are already showing disinterest in MFA, with only 15 percent having signed up for it so far despite NYUIT having sent several emails. Although beneficial in theory, MFA is ultimately a waste of time that is bound to disrupt class times and study sessions and will increase unnecessary stress from the student body.
Even though it has not been enforced across campus yet, MFA has already begun to disrupt classrooms. This past week alone, several of my professors have had to take three to five minutes out of each of their lectures solely to go through the painstaking process of choosing which way to receive a notification — all of which must be done via your smartphone — clicking on said notification, accepting the notification and finally waiting for their screen to change to the NYU Classes homepage. Although five minutes may not seem like a long time, imagine breaking down exactly how much money we are giving NYU every minute that we are not actively learning or attempting to improve our grades. Then think about how much money is wasted with these minutes now being partially dedicated to logging into the NYU account you have so meticulously spent thousands to acquire. It’s a lot.
This isn’t even factoring in what would happen in the horrific event of someone forgetting their phone at home, and therefore not being able to log into any Net ID sign-in websites for the day. The app does recommend that each person tie the program to two cellular devices so as to avoid this, but this is a clearly unrealistic expectation to put upon NYU students. How many of your friends have two phones on hands at all times? Hell, how many people in general even have a backup cell phone? Yes, our lives are on our phones, and we millennials are obsessed with them to the point that they are deteriorating our minds, and henceforth destroying us in the same fashion that millennials supposedly destroy everything. But that does not guarantee that they’ll be glued to our sides at all times. We have all experienced the horror of losing our phones, but now misplacing them will result not only in a loss of a communication tool, but in a loss of an educational tool as well.
Don’t get me wrong. WSN did report on a major cyber hack last year, and NYUIT should be moving forward with extra security for the sake of everyone on campus. The university’s intentions are honorable and it is definitely on the right track, but at NYU, everyone is moving at a pace of a mile a minute. Some days it feels as though we barely have time to breathe, let alone spend a solid five minutes trying to log in to NYUHome. If NYUIT truly does want to protect our information, it needs to propose MFA as a trial and error system rather than enforcing it as the sole solution to cyber safety on campus.
Opinions expressed on the editorial pages are not necessarily those of WSN, and our publication of opinions is not an endorsement of them. Email Melanie Pineda at [email protected].
RG • Oct 28, 2017 at 2:32 pm
Honestly, I can agree with this a lot. I (stupidly) decided to enable the MFA over the summer, hoping it’d add an extra layer of security into logging in. So far, I’m not too impressed.
Calling is quicker than the passcode and the Duo mobile app is faster than both but it still takes time. Even with the 1-day remembering option, there are times where you’ll still be asked to authenticate. Just last week, I was asked FOUR times in one day to authenticate when I already did. Plus, what if your phone’s broken or dead? Then you’re pretty much stuck without a way to get into most of the NYU online services.
While I do admire ITS’ dedication to internet security, this should’ve been slowly tinkered with and rolled out instead of being forced into our faces.