Morehead State University has undertaken new measures to ensure the cybersecurity of its students and faculty.  

On January 13, MSU’s Information Technology Department began implementing Multi-Factor Authentication. When logging on to university associated accounts, students are now required to verify their identity using a secondary device.  

The IT Department chose to take further security measures due to the number of MSU associates that had been locked out of their accounts from phishing scams. These are a type of cyber-attack typically sent by email to retrieve user data. 

“One of the biggest security problems that we have is phishing,” said Patrick Gonzalez, a member of MSU’s IT Department for over 17 years. “Students, faculty and staff are all subjected to countless phishing emails every day.”  

In a recent online survey, 41 MSU students gave their opinions on the new system. Participants had mixed reviews, as about half reported having issues with MFA.  

2023-02-06 (2).png

A survey of 41 MSU students indicates that while some users are experiencing issues with MFA, others are not. Graph created by Harley Spradlin | The Trail Blazer

Student responses indicated that this new set-up requires a significantly greater amount of time and effort to access university accounts. Sophomore Kylie Pollett said that the IT department could have made the transition easier with clearer communication or by “sending more emails, because they really only sent one or two.”  

Even after the reimplementation of the system on January 26, many students still report having issues with MFA, such as still not having access to their accounts after having completed all the steps to verify their identityNevertheless, students like J.D. Johnson, a sophomore computer science major, recognize that the new system keeps accounts much safer. 

“I think it helps increase safety in faculty and students,” said Johnson. “We students often get phishing emails from people and it’s kind of hard to tell that they're not real.” 

Gonzalez states that this new system is permanent, and more security implementations will continue to be put in place over the next few years.