Multi-Factor Authentication (MFA) with Arculix
Multi-factor authentication is being implemented at Lewis & Clark as an added layer of security, protecting the community and helping safeguard college data. Arculix is being utilized as the MFA and Single Sign On (SSO) service provider for the college. Visit What do I need? How do I get started? to begin the Arculix app setup process.
What is Multi-factor or two-step authentication?
Multi-factor authentication (also commonly referred to as two-factor authentication, two-step verification, or second-factor authentication) is an additional layer of security beyond a username and password. Typically, it involves an app installed on your mobile device, a hardware token, use of the biometrics (fingerprint or facial recognition) from a laptop, or a telephone number. After signing into a service with your username and password, you are prompted to confirm your identity via the mobile app, hardware token, biometric feature or telephone number. You may already be familiar with this process if you’ve enabled two-step verification with popular consumer services such as Gmail, Apple ID, Twitter, Facebook, as well as most financial institutions.
Why is Lewis & Clark implementing MFA?
We are concerned for the privacy of our students, alumni, and fellow employees and want to do our best to protect their information. Increasingly, accounts are being compromised in a variety of ways – weak passwords, re-used passwords, phishers, hackers, malware, etc. Multi-factor authentication helps protect community members from targeted attacks and unauthorized access to college and personal data.
Your data is important. MFA provides protection for various materials and resources such as
- Student records (grades, enrollment information, letters of recommendation, and more)
- College confidential and legally protected materials
- Sensitive correspondence in email
- Candidate materials in job searches
In the event your password is phished, guessed, or hacked, the attackers cannot impersonate you or propagate further attacks from your Lewis & Clark email address, since Multi Factor Authentication would prevent them from accessing your account.
Who is required to use MFA?
Faculty, staff, and student employees are required to use MFA. Staff will be introduced first, by department, followed by faculty and student employees.
Which services require use of MFA?
Lewis & Clark applications requiring use of MFA include access to Global Protect VPN, Slate, and others. The list will be expanding as IT moves forward with implementation.
Get started with MFA by using the Arculix mobile application. To get started, ensure your mobile device, workstation, and email access are ready.
Review the Arculix User Guide for a visual guide to setting up your MFA and getting to know the Arculix application. This guide includes links to the Apple App Store and Google Play Store for the Arculix mobile app.
What is Single Sign-on (SSO)? How does SSO relate to MFA?
- Single Sign-on (SSO) is the benefit of being able to access all L&C SSO applications and websites without having to log in again. While MFA allows for verification of a user’s identity prior to logging into any application, SSO can help limit frustration from having to log into each application individually.
- How often will I have to authenticate and use MFA? This is dependent on your role, the sensitivity of the application.