KU Leuven is the biggest and oldest university in Belgium with 6 institutions and 23 campuses all over Flanders. KU Leuven has 115.000 students enrolled, employs 20.000 people and collaborates with 150.000 externals. According to international rankings, KU Leuven is among the best 100 universities in the world and is Europe’s most innovative university.
All resources of KU Leuven are online (including HR, student grading system, research data, project proposals) and were accessible through username-password. With phishing attacks on the rise, it was clear that KU Leuven needed to upgrade their security.
KU Leuven was looking for a second factor solution to complement their username-password login. It needed to be integrated in their SSO solution and the onboarding flows. KU Leuven was also convinced that next to a secure solution, they needed to have a solution which was easy for users. Given the complex environment and having over 200.000 users, a software solution was preferred.
nextAuth worked tightly together with KU Leuven’s competence centre for information security to integrate the nextAuth solution in KU Leuven’s central login system and create the “KU Leuven Authenticator”. We convinced KU Leuven of the benefits of our two factor authentication, which allows users to log in without having to type in a password or even a username.
KU Leuven chose to do a staged roll-out: first making it voluntary for all users and then gradually enforcing a higher level of security to certain groups of staff or to sensitive applications/resources.