New hacker tactic exploits two-factor authentication

A new tactic being used by hackers aims to gain access to your account by wearing you down with repeated two-factor authentication sign-in approval requests. The hackers hope you’ll get frustrated enough by the barrage of notifications to eventually approve access to your account. 

A number of Rowan University employees have been targeted by this tactic, known as multi-factor authentication (MFA) fatigue, and MFA fatigue has recently been used to compromise employee accounts at major corporations, including Uber. 

In order to launch this type of attack, hackers need to have your username and password, so it’s important to create strong passwords and know how to identify and respond to phishing scams

If you are receiving sign-in approval requests from Duo two-factor authentication that you didn’t initiate, please change your password immediately at For help, see our article on updating your Rowan NetID password

If you have any additional questions, you can call us at 856-256-4400, email or submit a ticket in the Rowan Support Portal.