May 2016

Can Two-Factor Authentication be Hacked?

Two-factor authentication (2FA) does not make authentication 100% safe.  There is no magic wand that will make you invulnerable.  However, it does make authentication much safer and harder to breach.

Two-factor authentication can be compromised in several ways.  Some of these are:

  • Someone could gain access to your 2FA device or OTP list (lost or stolen phone, device, or OTP lists).
  • A malicious application (like a trojan horse) that you install on your device steals your 2FA data.
  • Real-Time Phishing (the phisher asks for your OTP,
Read more about Can Two-Factor Authentication be Hacked?

Why are there Two Methods of Two-Factor Authentication at UT?

Since July of 2014, UT Austin has been using a two-factor authentication (2FA) process to protect select online information.  The 2FA tool we've been using most of this time is called "Toopher".  Unfortunately, Toopher no longer fully complies with the UT System 2FA mandate.  Therefore, we are switching to a new 2FA tool called Duo.  Once Duo is fully implemented, Toopher will be retired.  The schedule for switching from Toopher to Duo is:

Phase 1: Beginning March 14, 2016, access to the campus VPN (virtual private network) will require 2FA via Duo. Learn

Read more about Why are there Two Methods of Two-Factor Authentication at UT?

What is Two-Factor Authentication?

Two-factor authentication (2FA) is one of the most important ways to protect our digital assets today. In brief, two-factor authentication is a process that requires two of the three authentication factors:

1) Something you know (a password, a security question, etc)

2) Something you have (a token, a debit or credit card, a RFID chip, cell phone application, etc)

3) Something you are (fingerprint, iris scan, face scan, voice recognition, etc)

Most people associate two-factor authentication only with computer access; but while you may not realize it,  

Read more about What is Two-Factor Authentication?

DMCA Avoid Copyright Violations

Peer-to-peer filesharing networks are monitored by copyright holders of digital materials and their representatives. If you are caught on campus violating copyright by sharing digital materials without authorization, you should expect to be served with a notice that reads in part:

The University of Texas at Austin has received legal notification alleging that a computer resource for which you are responsible has been used for **sharing** copyrighted material. A copy of the notice is attached.

You must contact <

Read more about DMCA Avoid Copyright Violations

Phishing -- Conclusion

Last week we published part three of this four-part article on phishing by looking at phishing by social media. This week we conclude our article by looking at what to do if you get scammed.

4) What to do if you get scammed. If after all of this you still get hooked by a scammer employing a phishing tactic, there are several things you can do in order to minimize the damage that the scammer can do. Nevertheless, remember to be quick because the longer you wait, the more likely it is that the scammer will have enough time to do substantial damage to your assets. When it comes to

Read more about Phishing -- Conclusion