My name is Arianna Rothfuss and I am a chemistry grad student here at UB. UBIT has recently put out requirements for students to sign up for DUO two-step verification, a process that is by no means justified and is simply an added annoyance to college students. I am writing to you in hopes of it being put in The Spectrum as complaining to UBIT will do no good.
With the new rollout of the 2-step verification for logging in to UB websites, such as UBLearns, I have come to realize that it is not only cumbersome to do so, but is a major inconvenience for those of us who go to UB. I find it odd that UBIT is forcing students to download yet another app (Duo Mobile) just to login for what seems like an arbitrary increase in safety. Google accounts only send notifications when you log in on a new device. UBIT could have implemented something like this to increase safety, rather than a new 2-step verification process.
There are some people who do not have phones with recent enough updates to even download this app that is now required to be able to login to their UB accounts. There are also some people (although very few) who still do not have smartphones. What are they supposed to do? When you go through the enrollment process, it says you need a phone, tablet, or security key. Without being able to download the app, are students supposed to carry around a small flash drive to plug in whenever they need to use UBLearns or their HUB? Instead of making things increasingly annoying and cumbersome to log into, they should fix the login issue that has existed for years. Where if you don't get your password correct on the first try, you have to refresh the page or close and reopen the tab to try again. Any normal login just gives you an error explaining how the login information was incorrect and you should try again.
Also when logging in, there are times where it just attempts to load, only to never succeed and then you have to either refresh or close and reopen the tab again. Fixing this would have been much more sensible than implementing some 2-step verification.
This feels like a marketing ploy so they can say "look at how much we care about security" while not actually thinking about ease of use and practicality. There are ways to increase security that do not inhibit functionality, and UBIT really missed the boat on this one.
Sincerely,
Arianna Rothfuss
