Skip to main content
Spartan Battle of the Week - Multi-Factor Authentication

Battle of the Week - Multi-Factor Authentication

The Battleground 

A Community College enlisted a penetration test of their systems connected to the internet for ease of access for students and faculty.    

The Presumption 

Any externally accessible systems would be secure with strong passwords and multi-factor authentication (MFA) to keep out any unauthorized access to any sensitive systems.  

The Discovery 

While password spraying reviled several accounts using weak passwords and no MFA. Using these compromised accounts allowed access into several sensitive systems, such as the ability to change student’s grades, access to budget info, and student loan accounts.   

Our Solution 

Give better training for users on developing a practice of keeping strong passwords. That will help users to see the importance of strong passwords. Also increasing the password complexity for user accounts and implement MFA on all teachers and facility, blocking unauthorized access to sensitive systems. 

Lessons Learned 

No matter how many security measurements are in place, users are always going to be the weakest link. There is an expression, “Amateur’s hack systems, Professional’s hack people.” Strong passwords are the foundation of a secure network.