FDU’s Cisco Duo: Digital Security or Just a Nuisance?

By Jhoana T. Merino-Martinez

News Editor

FDU’s adoption of Duo authentication technology for increased security has led to double trouble, some students say. 

A system-wide announcement on Sept. 14 mandated all students to register for Cisco Duo Multi-Factor Authentication (MFA). 

The email provided a link to register before Oct. 5. Students were told to download the Duo app on their mobile device in order to approve or decline any attempts to sign in with their student account. The process is: log into an FDU web service, click to enter, then have a push notification sent to your device, then click ‘okay’ on the push to enter the site. 

Students who did not register by the date were not be able to access any FDU site that requires NetID — like Webadvisor and Webcampus, which is used for all online classes this semester — without Duo. 

This ultimatum caught many students by surprise, and for some, it was a bother. 

“I personally think it’s unnecessary,” said Hannah Farrow, a senior forensic science and criminal justice major. “It’s annoying having to log onto the website, then log out, just to go into the Duo app just to authenticate me going into the app!” 

The Equinox reached out to Neal Sturm, FDU’s chief information officer, to get more background on the decision to mandate a second authentication to use with certain FDU sites.

“The University has been experiencing issues with hacked email accounts for quite some time,” Sturm said. “We have deployed state of the art detection processes to quickly identify compromised accounts.” 

He added that, in years past, students would find themselves locked out of their email accounts and have to contact the University Technical Assistance Center (UTAC) to regain access. 

Sturm said that the concept of double authentication is not new; businesses and higher education institutions have adopted it to defend users against hackers. 

The Ann Arbor, Mich.-based Duo Security technology was assessed by FDU’s Data Security Incidence Response Team and implemented because the frequency of compromised FDU accounts was “too great to ignore,” Sturm said.

“It is our expectation that the implementation of DUO will put an end to the chapter on this nefarious activity,” Sturm said. 

According to Sturm, as of Oct. 15, approximately 8,542 students registered with Duo. Some 10% of students contacted UTAC with questions about the process. 

The biggest hurdle, Sturm said, are students who do not have a smartphone or own an older model that is incompatible with Duo. 

“For those students, we do have a solution to allow text messages to be sent, but texting is truly reserved only for students with no means to receive the push notification,” Sturm said.  

By calling UTAC at (973)-443-8822 , these students can receive a bypass code to access FDU applications and then click “remember me” to not re-authenticate for 60 days. 

While this feature is especially helpful for this population of students, Jarlyn Rodriguez, a sophomore English major, believes that it takes the meaning out of Duo’s purpose. 

“It literally feels pointless and takes up time, unless you have it remember you for 60 days,” she said. “But then, what’s the point of ‘safety’ if you’re just gonna have it remember you?” 

For any issues, students are urged to contact UTAC. 

Please follow us on Instagram, Twitter, LinkedIn and YouTube. Write to us at equinoxfdu@gmail.com.