DISCLAIMER: Stories and images published in this week’s issue under satire (with the exception of advertisements) are purely satirical and created for entertainment and/or parody purposes. They are not intended to communicate any accurate or factual information.
A select few of York’s students, staff, and faculty are currently partaking in a pilot of Duo’s latest multi-factor authentication system. Set to fully launch in Sept. 2026 and replace the prior 2FA routine, Duo has dubbed this new procedure Five Factor Safety (FFS).
“The update is in direct response to the rise we’ve been seeing in AI-driven security breaches,” said Duo spokesperson Chet Geppetti. “But the design goal of FFS isn’t just to improve security — it’s to engage users with their inner humanity.”
According to Geppetti, the authentication methods are rotated through at random and have the collective goal of “stimulating all five senses.” Potential methods include singing back a short tune, feeling how many times your phone buzzes in 30 seconds, and describing the taste of a colour. Throughout the process, users are guided by an LLM-powered chatbot that learns their behavioural habits and introduces new “authentication challenges” over time. Consistent to each login is the final, “trust-building” portion, where users alternate between sharing a personal secret with Duo or recalling one that was previously divulged.
One member of the pilot program has found frustration with this final step. “I keep running into an error where Duo says that the secrets I tell them aren’t deep enough,” complained Carmen Nulhedge, associate professor in the psychology department. “Friends, colleagues, and even my students know that I’m like an open book. There isn’t very much about me that the world has yet to be made aware of,” she elaborated. “I can really only share mundane things like the fact that I sometimes leave my shoelaces untied to see if strangers care about my wellbeing. It doesn’t even matter that I told you that just now, because Duo hasn’t accepted anything similar,” Professor Nulhedge lamented. “I already burned through all of my credit card information, my social insurance number, and the placement of every single one of my moles. At this point, I’m considering making up secrets, but I’m worried that I won’t be able to remember them later on.”
When asked about Duo’s reasoning for including this segment, Geppetti explained that the company “wanted to create an identity protection system that knows you better than you know yourself — where security questions like your mother’s maiden name become relics of the past.” Unlike other multi-factor authenticators, Geppetti praised FFS for its ability to prevent the new concept of “self-hacking,” where users might do things like change their password or contact information. “FFS will be able to interpret, predict, and protect the real you — from both external and internal threats,” he lauded.
Hank Tschuss, a first-year philosophy undergraduate, said FFS comes as a major relief. “Since beginning my studies last semester, I’ve been really concerned with the lack of security around my Passport York login. The fact that anybody could steal my username and password, and then steal my phone and know my pin number, and then respond to a single push notification with a three-digit code … is a chilling thought,” he remarked. When asked to clarify what information he fears could be accessed by malicious actors, Tschuss confessed that he “frequently deal[s] with nightmares where somebody submits subpar eClass assignments in [his] name.” “I expect these terrors will soon be replaced by sweeter dreams,” he concluded.
For those interested in becoming a part of the next expansion of the pilot program, or those seeking to provide feedback, there is a webform located at ffsduo.yorku.ca. Please note that the form submission involves completing a captcha, uploading your biometric data, detailing four generations of your family tree, and verifying seven linked devices.
