MFA Changes - December 23, 2024

To protect Rockhurst University from evolving cybersecurity threats, ensure regulatory compliance, and improve the user experience, Computer Services routinely enhances our multi-factor authentication (MFA) system. During the holiday break, we are implementing changes to strengthen our network defenses and address potential vulnerabilities.

Enhanced Multi-Factor Authentication

The new MFA settings are now in place as of December 23, 2024. To access the new MFA settings manually, login to the portal and click the three bars on the top left, expand resources and click "Multifactor Authentication Settings" to configure different MFA options now.

Starting the morning of January 2nd, 2025, all Rockhurst community members that login to the (Rockhurst Portal) will be prompted to and must select at least two authentication methods from the following options to access their network accounts:

Authenticator App: Use a compatible app such as Google Authenticator or Microsoft Authenticator. (Smartphone required) Installation instructions for Google and Microsoft.
Duo App: (Rockhurst employees only) This option sends a push notification to your device to confirm your identity. (Smartphone required) Installation instructions for Duo.
Email to a Non-Rockhurst Account: Receive a one-time passcode at your personal email address for verification.
Text Message: Receive a one-time passcode via text. (Text-capable phone required)
Security Questions: Security questions will be disabled on 01/09/2024 (See details below)

Retirement of Security Questions

On January 9th, 2025, security questions will no longer be accepted as an MFA method due to their vulnerability to social engineering and public information exposure. To avoid network access issues, ensure you have selected at least two of the available MFA options before this date.

Guidance for Users Without a Smart Cell Phone

If you do not have a smartphone or text-capable cell phone, please contact the Rockhurst Help Desk at (816) 501-4357 as soon as possible to set up an alternative MFA method. This will ensure that you retain access to the network once security questions have been removed as options for the portal MFA.

Required Password Reset

To further enhance network security, passwords will now expire every 180 days, starting January 9, 2025. When prompted, depending on the date of your last password change, you will need to enter your current password and create a new one that meets Rockhurst’s strong password requirements. The system will guide you through the process to ensure compliance with these security standards.

Thank you for your cooperation in maintaining Rockhurst’s cybersecurity and protecting our community from emerging threats.

BART J KLEIN

Associate Vice President / CIO

Information Technology

O (816) 501-4780 | C (816) 520-2800

1100 Rockhurst Road | Kansas City, MO