Students now have yet another reason to be glued to their phones.

UCLA recently tightened up its cybersecurity with the implementation of multifactor authentication. Signing in to MyUCLA, CCLE or any UCLA application now requires at least two forms of verification: the original password and then a mobile app push login request, a call or a texted code. The system was first tested out on UCLA student workers and staff in October. As of April 17, all students were required to enroll for MFA to have access to their UCLA applications.

While the idea of taking a cell phone everywhere might not seem too bad to students who already are heavily reliant on technology, it can be an inconvenience to those who go through a long day of classes without charging their devices, especially commuter students.

Such students and staff have the option to buy $25 DUO tokens at the Associated Students UCLA Computer Store. Bruin OnLine can also loan students and staff a temporary DUO token if they lose or break their phones. These tokens generate a passcode needed for the second portion of the multifactor authentication process. Students can also obtain 10 free emergency passcodes for safekeeping if they run into unexpected login issues.

Yet, these options aren’t well-advertised to students. Students aren’t made aware of these options unless they stumble upon obscure help forum posts or visit the Bruin OnLine office – something they wouldn’t likely do unless they’re already having login problems.

The DUO tokens that are available to students and staff should be more readily accessible. UCLA and Bruin OnLine should give students an opportunity to choose what they think is best for them instead of just heavily recommending students to rely on the DUO mobile app, which everyone might not have access to all the time. UCLA should advertise DUO tokens not only as a temporary solution, but also a permanent way to log into university applications.

UCLA students are always on the move. Amid a whirlwind of class assignments and exams, students need to be able to easily access vital campus information.

Even though the information is online, not all students know about services such as backup codes and tokens. For example, Andy Talajkowski, a third-year English student, said while they know there are options other than those shown on the MFA login page, they aren’t sure how to access or use them.

Talajkowski said while they enrolled in MFA prior to it being mandatory and haven’t faced any issues, they know of others who have run into problems already.

 

“My roommate was separated from her phone the weekend before finals and she wasn’t able to access any of her class information,” Talajkowski said. “It was rough.”

If UCLA had better promoted its backup options, it could have given Talajkowski’s roommate a bit of a reprieve in an already hectic day.

Karen Hedges, deputy director of student development and campus life, is working on a campaign to get students to be proactive and obtain 10 one-time use emergency passcodes. She did not give specifics about what the campaign involved.

“For example, I have my 10 passcodes in my wallet and another copy at home in a drawer,” Hedges said. “If I’m anywhere and my phone is dead or broken, I could still sign in.”

Still, UCLA isn’t talking about these services enough.

Similar to Talajkowski, Mandi Yamada, a fourth-year psychobiology student, said she hasn’t heard of any alternate MFA options likes the tokens. She added she thinks UCLA should send out emails and message notifications on MyUCLA to better promote backup options, which she thinks UCLA isn’t advertising well enough.

Students were bombarded with emails about the mandatory signup for MFA before the deadline. Staff and students should receive just as many emails solely about backup options.

Yes, the extra authentication page is beneficial – but UCLA and Bruin OnLine should give students and staff the entire picture, not simply what’s convenient to most. Initiatives such as MyUCLA notifications can reach a greater audience and can make students and staff aware of the 10 temporary passcodes they can use if needed – and perhaps more importantly, how to use them.

The fact that UCLA required students, staff and faculty to enroll in MFA means it is responsible for ensuring campus members have the resources they need to successfully log into essential UCLA applications even if they don’t have access to their phones.

It’s good the university has backup options for MFA logons. But those options are no help if few – or anybody for that matter – know how or when to use them.

Published by Sandra Wenceslao

Sandra Wenceslao is an Opinion columnist.

Leave a comment

Your email address will not be published. Required fields are marked *