We'll be the first to tell you how important it is to have good, strong passwords. However, if an attacker manages to nab your password through brute-force hacking or phishing, there's one other defense you'll need to keep your accounts secure: two-factor authentication (or 2FA, as the cool kids call it). 2FA adds a second layer of protection by linking your account to something you own, like a mobile device, a dongle, or your fingerprint.
When you log in to a system that uses 2FA, you'll be prompted to use that "second factor"―whether it be a code sent to your phone, a push notification, or another system-specific action—to verify that it's really you. This second level of security makes it that much harder for a hacker to reach your account, while keeping the whole login process quick and easy for you. Like they say, "two authentication factors are better than one."
All CES university accounts are guarded by a 2FA service called Duo. You'll be prompted by Duo to authenticate every time you log in to your university account. You can ask Duo to send you a passcode, give you a call, or buzz your phone with a push notification from the Duo Mobile app. Once you've self-authenticated, you can set Duo to only prompt you once every 30 days, saving even more time. Head on over to duo.byu.edu to start setting up Duo on your mobile devices.