Page History

Overview

To provide better security to Suffolk Workday service services and due to the recent focused spear phishing attempt trending attempts to gain credentials to Suffolk University Workday service services Suffolk University ITS implemented a high-security login process for Workday users. This will require a second method of validation to confirm the identity of all users when logging in to Workday. This is referred to as systems secured with a two-step or two-factor authentication process. Suffolk University will be using a two-factor authentication (2FA) system provided by Duo Security. In using this system all these systems users will be required to confirm their identity using one of several options that are available (see details below).

...

Just tap the key button to generate a passcode. This works anywhere, even in places where you don't have an internet connection or can't get cell service.  

...

To use the passcode "382033" if your password is "<your_password>", type: <your_password>,382033

If you have any questions or concerns regarding the implementation of this two-factor authentication, please contact servicedesk@suffolk.edu.

...

The main disadvantage of the username/password (login method) is that this combination is only a single piece of information that a malicious individual needs to obtain in order to compromise your account(s).Two-factor authentication adds an extra layer of security to your login practice by requiring you to have in your possession something physical and unique to you. This physical object can either be your cell phone, your office phone, or even a tablet. Suffolk University has partnered with Duo Security to provide the infrastructure for two-factor authentication. For more information on two-factor authentication as provided by Duo Security, go to http://guide.duosecurity.com  

What different methods are available to Authenticate? 

...

* Use this link to access more information on the Duo Security website.

...

Contact the Suffolk University ITS Service Desk servicedesk@suffolk.edu or call 617-557-200 immediately if you lose your phone or suspect it has been stolen. We will disable your phone from being able to authenticate with Duo and help you log in using another device.

...

What if I forget my smartphone at home?

...

To login with an alternate device (that has been previously configured and set up in Duo) other than what you set as the default, you will need to select when you log in. 

• • On the Suffolk Workday login Page, Enter your Suffolk username and password hit enter

...

• • Click Login, and then follow the instructions to authenticate with your chosen method or device. 

Reminders

• • Never share your passwords with anyone
  • Suffolk University, Information Technology Services (ITS) and ITS third-party service providers will NEVER ask for your account passwords
  • If in doubt about a web link don't click, instead type it in the web address yourself and make sure it is a valid web address / URL that you are browsing to.

You should never circumvent password entry with auto logon, application remembering, embedded scripts or hard-coded passwords in client software, except for University email, which is password secured by the overlaying operating system on University User workstations or smart devices.

Computing devices must not be left unattended without enabling a password-protected screensaver or logging off of the device. Smart devices such as smart phones should be set to auto lock and require a password or pin to unlock. Laptops and personal smart devices should always be under your control and should be secured when not being used.

If you suspect or have reason to know that the security of a password may be compromised, the password must be changed immediately. Under such circumstances, you should immediately report the discovery to the Suffolk University ITS Service Desk (617) 557-2000. 

...

For information about Walk-in Support, http://www.suffolk.edu/explore/60186.php

...