What Do Students Really Think of MFA?


Screenshot by Sam Cheng

Multi-Factor Authentication requires users to select from three “authentication methods” for identity verification before accessing NYU services.

Sherry Yan, Staff Writer

Multi-Factor Authentication was made mandatory for NYU students and faculty on Nov. 6. This service added a layer of security for NYU accounts, but many NYU students bemoan the extra burden that they face when logging into their accounts.

People usually don’t face this second layer of protection until logging into the NYU system. After you input your NetID and password, three authentication options, “Duo Push,” “Call me” and “Passcode,” pop up, requiring you to verify your identity to successfully log in and access virtually any NYU service. A Wi-Fi enabled or cellular device, such as a mobile phone, is necessary for this second layer of verification.

It has been over two months since MFA has been put in place. Though the purpose of this newly-launched service is to provide effective protection of personal information online, students across campus have voiced complaints.

Steinhardt graduate student Kym Mendez said that she doesn’t need multi-factor authentication since she doesn’t worry about the security of her account.

“I am annoyed with the extra steps,” Mendez said. “Sometimes I don’t have my phone with me, and I cannot log into the services. You should be able to log in for more than one day, so you don’t have to do it every single time you want to get onto your email.”

Others have welcomed the change. Liberal Studies freshman Julienne Ching said she liked the implementation of MFA.

“Even though I know most people are probably saying it is annoying and troublesome, I think it is useful to have MFA,” Ching said. “Nowadays, hackers are getting smarter. They are finding new ways to find your information and it’s important that we have to have these preventative measures, such as MFA, to decrease the chances of such happenings.”

Ching disagrees with the widespread complaint that MFA is troublesome to use. “It is not that difficult to use MFA,” she said. “You can register multiple devices, so it is quite flexible. A few seconds of authenticating can save you much regret.”

Working in tech support, CAS junior Shaun Wang likes the concept, but he doesn’t think that every student needs this service.

“The concept is good,” Wang said. “It adds an extra layer of security, and you actually just need a smartphone, but the problem is there are still outliers who have no smartphones. I feel like only certain people in the university, like high level administrative people, actually require this level of security.”

Though students have different reactions toward MFA, Wang thinks NYU’s authentication system could learn from other established systems, such as Google’s Authenticator.

“Google’s version of MFA allows you to basically generate a number of codes,” Wang said. “So you can write the codes on your phone or a piece of paper. Anytime for whatever reason that you can’t access your phone for MFA, you just need to type the code in, so I think it is a good backup plan.”


Email Sherry Yan at [email protected]