As of November 14, 2017, University of Pennsylvania staff are required to use Two-Step Verification as an added layer of security to the PennKey login process. Your school or center IT department likely provided you with some information about the value of using Two-Step Verification. However, you may continue to wonder why the additional step is needed to log in if you already use a secure password.
The answer is simple: it is for the same reason you place a second lock on your house door. The additional lock adds a second security layer to protect your valuable property from intruders or theft.
Similarly, the University of Pennsylvania requires you to use a strong password and Two-Step to protect both its and your own valuable information and computing assets from unauthorized access or theft. Two-Step adds a second layer of security which works just like a second lock on your door. It protects you against hackers, who collect users’ passwords by using various social engineering techniques like phishing or by capturing them using hardware or software keyloggers to collect keystrokes.
With Two-Step Verification, you use something you know (your PennKey password) and something you have (e.g., your phone, fob, or a friend) to verify your identity as an authorized user. It’s that simple. And while Two-Step is required for staff, faculty and students are encouraged to enroll as well.
For more information or to enroll in Two-Step, visit http://upenn.edu/two-step