.jpg)
Student accounts were being compromised, exposing personal data and threatening compliance with federal funding requirements. Multi-factor authentication was essential, but it had to be introduced in a way that students would understand and accept.
Lead Designer
October 2024 - Ongoing
.jpg)
We analyzed breach reports, spoke with security and compliance teams, and gathered student feedback. Many students worried about confusing logins or being locked out. Research showed MFA needed to be flexible, offering multiple authentication options, while remaining simple and supportive.
I mapped login journeys and collaborated with the security team to test flows. Flexibility became the guiding principle: students could verify through the WGU mobile app, SMS, voice call pin codes, or recovery options.
.jpg)
A risk-based MFA system was rolled out with multiple authentication pathways. Enrollment prompts guided students through setup, while SMS and voice call pin code ensured accessibility. A self-service portal gave students control to reset or recover access on their own.
.jpg)
Over 500,000 accounts were secured. Compromised account cases dropped significantly, and WGU met GLBA and FERPA compliance requirements. Students reported greater trust in the system, and service desk escalations decreased.
Designing security is as much about empathy as it is about compliance. By giving students choices and clear guidance, we created a system that felt protective rather than punitive.