Universität Bonn

University IT and Data Center

en
06. September 2023

Multi-factor authentication is coming Multi-factor authentication is coming

IT security needs more than one factor - multi-factor authentication is coming

Multi-factor authentication (MFA), which is already familiar from everyday life and is used as a general security standard, e.g. for online banking, is now being gradually introduced at the University of Bonn.

In order to find out what is behind MFA and in what form it is carried out at the University of Bonn, we asked the team of experts in the University IT and Data Center, which designs and coordinates the introduction of MFA at the university, five questions:

Multi-factor authentication is coming
Multi-factor authentication is coming © colourbox.com
Download all images in original size The impression in connection with the service is free, while the image specified author is mentioned.

1. What is Multifactor Authentication?

Multi-factor authentication (MFA), also known as multi-factor authentication, is a generalization of two-factor authentication, in which access authorization is checked by several independent characteristics (factors).

Different forms of identification can be used for authentication, such as passwords when logging in to the web or PINs when using credit cards. These are also known as factors. The various factors are usually divided into three different groups.

The first group includes secrets that are known only to the authenticating person (knowledge). These include, for example, classic passwords or PIN codes.

The second group includes items that the person has („possession“). These can be smart cards, such as a bank card or the German ID card. Devices with certain security chips also fall under this definition.

The third group includes characteristics that the person has („inherence“). Such characteristics are biometric characteristics such as fingerprints or patterns of the retina in the eye. Facial recognition methods also fall into this group.

Withdrawing money from an ATM can be seen as an example of several factors: The bank customer must have their bank card (“possession”) and know their PIN (“knowledge”).


2. What is MFA needed for?

Multifactor authentication already protects us privately in many areas against various types of cyber attacks (e.g. phishing, brute force attacks or man-in-the-middle attacks). By using MFA, users are required to provide additional information or characteristics to gain access to an account. Even if attackers do manage to steal passwords, it's unlikely they'll also be able to steal or compromise the additional authentication factors required for MFA.


3.What will be secured with MFA at the University of Bonn?

What sounds like additional effort at first can be outweighed by the increase in security. In particular, protection against phishing attacks and to enable self-service processes (= convenience functions) will be secured by a second factor in the future.


4. When will the MFA become active at the University of Bonn?

MFA will be rolled out in waves from now on, starting with administration, as that's where Yubikeys (hardware security keys) are already deployed. There is currently no need for you to take any action - the University Computing Center project team will contact you.


5. Who will be provided with MFA?

All university employees are equipped with a second factor. You will be informed in detail about the next steps in good time.