The Australian National University will move away from passwords and usernames when accessing campus systems, and will instead turn to biometrics for secure logins. The new biometric token system will be used by all of the university's students and staff.
According to a report from ITNews, the university has decided to implement Cipherise, an app that utilizes the biometric token in a person’s smartphone for "bi-directional" authentication. The app was developed by Melbourne-based cyber security startup, Forticode, and is slated to eventually become the default method of authentication across the university.
The addition of Cipherise is part of an larger cybersecurity overhaul at the university spurred on by two significant cyber attacks at ANU, one of which compromised 19 years of data was accessed by an unknown hacker. Student and faculty use of the app will be voluntary in the near term, but the university is hoping for this to be a universal, long-term solution.
Among other measures, the university has made implementing multi-factor authentication a priority.
“We have implemented several MFA solutions to protect our systems but are now moving towards a more unified model,” said an ANU spokesperson to ITNews. “We recognize users can inadvertently use unsafe password practices simply because passwords can be difficult and counter institutive. Therefore, ANU has made the decision to make a generational shift and adopt a passwordless model.”
Once students are set up with the Cipherise app, they will use the app to access ANU systems by scanning a QR code on the login page. They will then be prompted to perform a biometric check using their face or fingerprint – depending on the functionality of their mobile device.
No official rollout date has been set, but ANU will employ a phased approach as it continues its cybersecurity overhaul.
A university spokesperson says that once all systems have been onboarded, it is expected that the app will be mandatory for all 22,000 students and 4,000 staff in order to access ANU systems.