Multi-Factor Authentication - MFA

User account compromises typically involve someone re-using their password on an external site or mistakenly entering in a password to a familiar-looking, fraudulent site.  Multi-factor authentication (MFA) greatly reduces the llikelihood that an unauthorized user can gain access to your account – even if someone happens to get your password, it is unlikely they will also have your phone or fingerprint.

Whitman has partnered with Duo Security to enable an additional layer of security when logging in to various Whitman-managed services.

Multi-factor authentication (MFA) is the process of identifying users by validating two or more “factors,” or characteristics that are unique to that user.

Three different characteristics are often used as factors in the authentication process:

    1. something you know  (a password)
    2. something you have  (a smartphone or a token)
    3. something you are  (a fingerprint or face scan)

The college is encouraging (sometimes requiring) MFA for all Whitman accounts – various campus groups have been successfully using this process since the 2019-2020 academic year.

More information can be found at the Multi-Factor FAQ page.

The WCTS Help Desk or the Information Security Office can answer any questions you may have.


Current List of Protected Services:

Once your account has been enrolled in the program, the following services will ask for a second factor:

  1. MyWhitman (and anywhere you see the MyWhitman login flow)**
    1. Whitmail (Google Mail)
    2. Canvas
    3. CLEo
    4. Web Help Desk
    5. PathwaysU
    6. TerraDotta
    7. WhitLife (Presence)
    8. BambooHR
    9. Sharefile
  2. Millennium terminal server
  3. Blackboard terminal server
  4. Whitman VPN services
  5. various IT-related servers and applications (system administration roles)

** web-based services allow you to 'remember' a device for 12 hours by selecting the option during verification