All Stories

What multi-factor authentication (MFA) options do I have and which is best?

There are several options for authenticating with a second security factor, and which option you choose is up to you; however, we highly recommend OneLogin Protect for its ease of use and one-tap confirmation vs. entering codes from emails or text messages, which most agree is cumbersome and time consuming.

Students can choose from the following options, and each has its own benefits and drawbacks:

  • OneLogin Protect (Best Option) — By far the most preferred MFA option on campus, OneLogin Protect requires a quick app install on your phone and does not require any code entry or cellular signal, instead it uses Wi-Fi (or cellular) and a quick one-tap verification notification that shows up on your phone.
  • Google Authenticator — This is also a quick app install on your phone; however, there is no one-tap verification notification. It requires manual code entry into OneLogin similar to SMS and email.
  • Short Message Service (SMS) — A great backup option to OneLogin Protect, but as a primary method, it requires you to manually enter a code each time and typically requires cellular signal or enabling voice-over Wi-Fi on your phone.
  • Alternate Email — Like SMS, this is a great backup option to OneLogin Protect, but as a primary method, it requires you to manually enter a code each time.

OneLogin Protect (Best Practices)

  • If you’re using OneLogin Protect (if you’re not, we recommend it), be sure the notifications are turned on for the app. This will allow for the one-tap (accept) experience that saves time and removes any code entry requirements.
  • Ensure your phone is connected to Carthage-Secure or Carthage-Open (Google Pixel phones will not connect to Carthage Secure). This will ensure you get the push notifications if your cellular coverage is not present.
  • Keep the app version current. You can search the app store or play store for OneLogin Protect. If you have the app installed and see “update” rather than “open,” click “update” to get the latest version.

Why do we need MFA?

Cyber-criminals can use someone’s account to access confidential or valuable data at Carthage once they have compromised credentials. A key defense we have against these sorts of attacks is MFA, which helps to secure our accounts and data by introducing a “double lock” mechanism.

Since MFA was introduced at Carthage, there has been a significant decrease in the number of potential actions that can be taken by compromised credentials, which is more common than one would think. Those who wish to do us harm have not gone away, but with MFA, we have made their work more difficult. MFA is a necessity today for higher education institutions to meet compliance requirements, and it is quickly becoming commonplace in our lives outside of Carthage as well.

Sponsoring Department, Office, or Organization:

Library and Information Services

For more information, contact: