2022-10-03 - Using MFA to protect your personal accounts - Cyber Security Awareness Month

Tags NCSAM2022

It's October, the leaves are changing, the weather is getting cooler, and like the other 11 months of the year, the cyber criminals aren't taking a break.  That's why SUNY New Paltz participates in National Cybersecurity Awareness Month in October of each year.


Throughout October, starting with this message, we will be highlighting:

  • tips to help you stay safe online, not just with your New Paltz accounts, but with other computer accounts you may use, such as email, banking, social media, and other high-risk sites.
  • a 'scam of the week', covering common types of common scams (how they work, how to recognize them, etc.)



Securing your personal accounts with Multifactor Authentication


Multifactor Authentication (MFA) is also known as Two-Factor Authentication or Two-Step Login.  It isn't new for anyone here at SUNY New Paltz since we require it for accessing most web-based college resources, but I wanted to give a short overview first.


MFA is an additional layer of security beyond just the username or password.  In general with MFA, you need two of the following:

  • something you know (a username and password)
  • something you have (a smartphone with an authenticator app, a cell phone that can receive texts, a one-time-passcode token, or a USB security key)
  • something you are (biometrics, such as fingerprint readers)

The advantage of MFA is that even if a cybercriminal or other unauthorized person gets your password, they can't login without the other factor.


Though we require it at New Paltz, implementing it on your personal accounts is strongly recommended.  This is especially true for the accounts that are most at risk:

  • email accounts
  • bank/credit card/financial accounts
  • social media sites
  • cloud storage (OneDrive, Dropbox, iCloud, Google Drive, etc.)
  • ecommerce/online shopping sites
  • and even some online gaming services

The best place to get started with setting up MFA on a personal account is the Lock Down Your Login site, which has instructions for a number of sites in different categories like the ones above.  The attached PDF from CISA (the US Cybersecurity and Infrastructure Security Agency) has more info as well.

Cyber criminals are on the attack, and if you want to stay ahead of them, please consider enabling MFA on your personal accounts.

Stay tuned for more later this week and this month, for more resources to stay safe online during Cybersecurity Awareness Month!


Article ID: 146947
Mon 10/3/22 3:10 PM
Wed 10/5/22 11:14 AM