Unexpected Duo Requests

All Seton Hall members are required to use two-factor authentication when logging in to systems that require a Seton Hall username and password. Two-factor authentication adds a second layer of security, keeping your account safe even if your password is compromised. Duo authentication requests come from user activity. When a user logs into a system using their Seton Hall credentials, a Duo authentication request is initiated. Users are then prompted to either approve or deny the request within 10 seconds of initiation.

With the recent increase in attempts to compromise Seton Hall accounts, the Department of Information Technology warns users to never approve a Duo push that they didn't initiate. Attackers who get ahold of  usernames and passwords must still authenticate through Duo to log into Seton Hall systems. A push you didn’t initiate is an attacker trying to impersonate you. Once in, they can change your login password, lock you out, add devices to your account, and use that access to scam others.

What You Need to Know about Unexpected Duo Requests

• If you receive a Duo push or call that you did not initiate, DO NOT approve it. Seton Hall's IT Security team is alerted to denied requests and can further investigate to determine if your account has been compromised.
  
  
• The Department of Information Technology cannot and will not initiate a Duo request to a user’s account. Seton Hall technicians will also never ask you to email or verbally provide your password for any reason.
  
  
• Attackers will often try to continually log in to a user's account with the intention of generating so many Duo prompts that the user will eventually just approve one. This attack technique is referred to an “MFA fatigue attack.”
  
  
• If you receive an unsolicited Duo push, change your PirateNet password immediately. 

Categories: Science and Technology