Stealing credentials is a common cyber security threat these days. As part of our continual improvement program mandated by our ISO 27001 certification and in an effort to reduce the risks associated with phishing emails that steal credentials, Information Security is implementing a project to mitigate this risk.
This service should be familiar to you if you bank in Saudi Arabia or use any government services online. A method called two-factor authentication (2FA) is used to send you a code to your mobile phone to be typed in after your password is entered. We are launching a similar service that will use 2FA when logging into KAUST systems from outside via VPN.
You will soon get an email from our partner duosecurity (no-reply@duosecurity.com) asking you to enroll into this program. Please do NOT report that enrollment email as phishing. You need to enroll into this program by June 30, after which logging in through VPN without 2FA will not be possible.
If you have any questions, please email us at infosec.operations@kaust.edu.sa.