New multi-factor authentication rules to take effect November 1

New multi-factor authentication rules are set to go into effect for all Rensselaer employees beginning November 1. Anyone who has payroll and W2 information in the Self-Service Information System will be counted as an employee. This includes students employed by the Institute. The new protocols will apply to all Institute websites that use the Rensselaer Self Service login.

Multi-factor authentication will be done through DUO, which is currently used for other services at RPI including VPN login and Box. DotCIO Associate Director Colleen Morrissey told The Polytechnic that the plan is to enable MFA for all users of RSS/SIS in the future.

The change comes five months after RPI suffered a cyberattack that temporarily lead to many institute websites being unavailable. Morrissey did not mention the attack in her statement to The Polytechnic, but added that the changes are necessary because "Multi-factor authentication increases system security."