In today’s cyber threat landscape, static login credentials alone are no longer sufficient to protect our systems and data. These credentials are highly susceptible to phishing and offline cracking (if the corresponding password hashes are exposed). Two-step authentication adds a dynamic component to logins, which significantly mitigates this risk.
Per the Stanford University Minimum Security Standards, two-step authentication is required for all interactive user and administrator logins to Moderate and High Risk systems.
Stanford University has standardized on Duo for its two-step authentication capabilities. Below are links to instructions for integrating Duo into your servers and applications.
Duo configuration instructions:
See the Two-Step Authentication page for general information about this service.
For more information or assistance, please submit a Help request.