Two-Factor Authentication

KSU now requires multi-factor authentication for all users.  Users are required to complete two methods for two-factor authentication to access their KSU One login account.

Questions? Contact the IT Help Desk at (502) 597-7000.

What is Two-Factor Authentication (2FA)?

Multi-factor authentication (MFA) is an extra layer of security to prevent cyber-criminals from gaining unauthorized access to your personal information as well as sensitive and confidential KSU resources and data.

Two-factor authentication (2FA) is a subset of multi-factor authentication that requires you to verify your identify a second time by providing something that you have (mobile phone, key fob, other device) in addition to your password (something you know). It helps to make certain that your account is being used by you by making it more difficult for cybercriminals to log into your KSU One account.

Why is KSU Moving to 2FA?

Higher education institutions are targets of cybercriminals due to technology resources and sensitive information. In order to protect these resources, there must be several layers of security in place. 2FA provides an additional layer of protection and assists in reducing the risk of unauthorized access.

Is enrolling in 2FA @KSU required?

Enrolling in 2FA became madatory 11/02/2020.

Want to Know More information about 2FA?

Inherence factors include biological traits that a user must have in order to log in. This includes a number of biometric items such as fingerprint scans, retina scans, facial or voice recognition.

This category includes items that a user must have in their possession in order to log in. This includes a mobile device, key fob, employee ID cards or one-time password tokens.

Once a second factor is introduced, it is more difficult for a hacker to steal a user’s password and something that they have in their possession.

Items that typically fall into this category are known to the user such as passwords, user names and PINs. However, passwords alone are not enough because users often use the same passwords or use passwords that are simple to determine. So entering two different passwords will not work.

Multi-factor authentication (MFA) provides additional layers of security because a user’s credentials must come from at least two of three different factors or categories. With two-factor authentication (2FA), only two credentials are required, but MFA can use any number of factors for credentials. Credentials will fall into the following categories: Something you know, something you have or something you are.


Change your phone number or authentication email for two-factor authentication (2FA)

Click here if you are changing the phone number and verification email you use for 2FA.

NOTE: This change must be completed prior to de-activating the old phone number or email.