Passwords are one of the most important and yet one of the least secure security protections we use. Hackers can crack a 6-character password in less than two minutes. To provide an additional protection for your accounts, use two-step or multi-factor authentication. Multi-factor authentication is based on something you know (your password) and something you have (such as your phone or a hardware token like a Yubikey). If an attacker gets your password, they would still need access to that second “factor” to access your account. Duke offers multi-factor authentication (http://oit.duke.edu/mfa) that can be used to secure your NetID and access to various web applications at Duke.
What is multi-factor authentication , and how to set it up via OIT