By: Aubrey Cox
Volunteer State Community College’s password system which requires frequent resets and multi-authentication may change soon.
The Authenticator app, also called MFA (Multi-Factor Authentication) is put in place in case of confiscation of student or faculty login information and cyber-attacks.
This was enacted by government officials on Sept. 9, 2022. This regulation should affect every state in America, and the schools who have not been using the App should expect it soon according to Vol States Chief Information Officer, Jason King.
However, many students do not use this app. They receive an authentication code that gets sent to their phone number.
The Authenticator App does affect every login for Vol State websites, however, everything that is needed to log in for classes, or in general can be found in Vol State Student Portal which will only require one authentication transaction.
Anything hosted by the TBR, such as registration, does require more than a single sign-in. For example, to access the payment gateway. In which you can obtain information about your tuition, you must sign in a second time.
First-year student Arianna Perez, “It is very overly exaggerated and inconvenient due to the fact that if you want to just log in really quickly and you can’t because you have to go through three different authentication codes, it is inconvenient for me as well as other students.”
As another source of security, students and faculty are required by the Vol State Password Management Policy to reset Microsoft passwords.
Students must change passwords every 120 days, and faculty every 90 days.
Although the Authentication system was put in place in Sept. 2022, the password reset policy was put into effect on Aug. 1, 2014.
The Password Management Policy explains password requirements involving authentication and that password resets are another way of protecting information. “Passwords will be used for authentication of access to all VSCC domains and systems except where stronger authentication methods (such as biometric authentication or two-factor authentication) are deemed necessary. The effectiveness of passwords to protect access to the institution’s information directly depends on strong construction and handling practices.”
Jason King mentioned that a governing body called NIST has begun loosening password requirements because of the MFA, instead recommending longer passwords (a passphrase) instead of having to change and remember passwords every so often.
Changing the password requirement from eight characters to 14 or 16 characters but not having to reset it is something Vol State members might see in the future.