The Australian National University is preparing to ditch passwords and usernames for biometrics in a bid to make accessing systems more secure and convenient for its 26,000 students and staff.
Amid growing cyber security risks, the university will shortly roll out Cipherise, an app that leans on the native biometric token in a person’s smartphone for bi-directional authentication.
The app, which was developed by Melbourne-based cyber security startup Forticode, is expected to eventually become the default method of authentication across the university.
The planned rollout is part of an extensive cyber security uplift that began after two significant cyber attacks, one of which saw 19 years of data accessed by an unknown hacker.
Under the information security program, which kicked off in January 2020, it has been hardening its network, including by expediting the rollout of MFA.
“We have implemented several MFA solutions to protect our systems but are now moving towards a more unified model,” a spokesperson told iTnews.
“We recognise users can inadvertently use unsafe password practices simply because passwords can be difficult and counter institutive.
“Therefore, ANU has made the decision to make a generational shift and adopt a passwordless model.”
Once set up, the Cipherise app – which will initially be voluntary – will be used to access ANU systems by students and staff scanning a QR code on the login page.
They will then be prompted to perform a biometric check using their face or fingerprint – depending on the functionality of the device used – stored on their phone.
While the exact timeframe for the rollout remains unclear, ANU expects to use a phased approach to “ensure the best possible experience” for students and staff.
“We will be releasing functionality and system integration in an incremental manner, underpinned by rigourous testing and consultation with our users,” the spokesperson said.
When all systems have been onboarded, it is expected the app will become mandatory for all 22,000 students and 4000 staff to access ANU systems.
ANU is currently “working on functionality and customisations to ensure seamless integration” on the app – one of the reasons it settled on Cipherise.
“ANU chose Cipherise with Forticode and tailored implementation by co-designing it to our very diverse and dynamic environment,” the spokesperson said.
Cipherise also aligns with the information security program’s goal to “help build sovereign capability – in line with the nation building mission of the university," the spokersperson added.