The Identity and Access Management Office has launched a two-factor authentication pilot using the RSA SecurID® product. The pilot project is an exploration of ways to improve security for accessing the OnePurdue portal.
Most Purdue IT systems require you to enter your career account login name and password to log in. Anyone who guesses or steals your password can then log in to the same systems as you. For this reason, reusable passwords are an inherent security risk.
By contrast, an RSA token generates a number that changes every minute. This number, combined with a PIN (personal identification number), becomes a “one-time” password to access the OnePurdue portal. This is more secure because an attacker would have to guess a PIN and steal a token to log in.
The SecurePurdue token allows the user to enter a pin number and the token-generated number in place of their career account password. Participants in the pilot should use the following instructions to set up their token. Download Purdue University RSA Pilot Instructions
Participants in the pilot who need assistance should contact the ITAP Customer Service Center at 49-44000 or itap@purdue.edu.