Higher Education · 25,000 staff & faculty

Public University System

Passwordless & MFA Rollout

Entra ID14 weeks

92%

Passwordless adoption

−68%

Password-reset tickets

Near zero

Phished accounts

The challenge

The university was a constant target of credential-phishing campaigns, and the help desk was overwhelmed with password-reset tickets. SMS-based MFA was widely bypassed, and a string of account takeovers had compromised payroll direct-deposit details. Leadership wanted phishing-resistant authentication without alienating a large, non-technical user base.

The approach

1
Assessed the existing MFA estate and identified the weakest authentication methods in use.
2
Designed a Conditional Access framework requiring phishing-resistant methods for sensitive applications.
3
Piloted Windows Hello for Business and FIDO2 security keys with IT and finance staff.
4
Built a phased enrollment campaign with clear, non-technical communications and self-service guidance.
5
Retired SMS as an allowed method for high-value applications once adoption thresholds were met.

The outcome

Phishing-resistant authentication reached 92% adoption across staff and faculty. Account-takeover incidents dropped to near zero and password-reset volume fell by more than two-thirds, freeing the help desk for higher-value work.

Account takeovers: −98%
Help-desk load: −68%
Phishing-resistant MFA: Enforced

All case studies Discuss a similar project

Ready to secure your identity foundation?

Book a free 30-minute discovery call. We'll talk through your environment and where the biggest wins are — no obligation.

Schedule a Consultation Explore Services