Roberta Botello, Executive Assistant to the CIO
Q&A session with Matt Barnes, Manager of Information Security Services, Office of Information Technology
Q: Hi Matt, what is Duo Two Factor Authentication?
A: “Duo’s two-factor authentication (2FA) program integrates an added layer of security to your UCO accounts by requiring an additional level of authentication beyond your username and password. The Duo Mobile app is a free smartphone and tablet application that syncs with your UCO 2FA account to complete the authentication process. The program provides you with a secondary means of confirming your identity via mobile device, tablet, or an authentication token, which you will use every time that you sign into any of the services accessed through UCO’s single sign-on (SSO).”
Q: Can you tell me what employees should know about Duo Two Factor Authentication?
A: “Duo is not the bad guy,” said Barnes. “In times where we increasingly find ourselves using technology for our jobs, it’s more important than ever we protect our data. One of the simplest and most effective ways of doing that is with multifactor authentication services like Duo. Bad actors that manage to guess or break your passwords get stopped in their tracks by not having the key you always carry with you, whether that be your phone or a hardware token.
As a UCO employee you have the keys to the kingdom. Keys that hackers want BADLY. It’s easy to think that amidst a sea of targets you won’t be the one to be compromised, but I can guarantee you that everyone whose account has been owned thought the same thing. Although the chances your account will be compromised are low, the consequences are devastating. An account with elevated access is usually all an adversary needs to bring an organization to its knees, and we see it in the news all the time.”
Q: How can employees minimize the risk of their account being compromised?
A: “To minimize the risk of your account being compromised, you are already taking precautions such as changing passwords, not reusing passwords, using complex passwords that are difficult to break, and changing your password on a frequent basis in accordance with UCO’s password policy. But the truth is we all make mistakes, and we are one click of a malicious link away from being compromised,” stated Barnes.
“Let’s use house keys as an example. A regular user may only be carrying a house key, a car key, and maybe a mailbox key. If their keys were to be stolen while grocery shopping it would be a bad scenario, but not the end of the world. If you are an employee with elevated access, you may have full access to your entire network or application. Your key ring, so to speak, may have a key to every house in the neighborhood, every car and every mailbox. If that key ring was stolen the result would be catastrophic. Would it make sense to go grocery shopping with that set of keys? Of course not!”
Q: Matt, do you have any concluding thoughts?
A: “In times where we increasingly find ourselves using technology for our jobs, it’s more important than ever we protect our data. One of the simplest and most effective ways of doing that is with multifactor authentication services like Duo. Bad actors that manage to guess or break your passwords get stopped in their tracks by not having the key you always carry with you, whether that be your phone or a hardware token.”
Q: Where can employees locate more information on Duo?