Case Study: Leading State University achieves phishing-resistant passwordless MFA with Secret Double Octopus

Passwordless MFA Helps University Bolster Security with a Better Student and Faculty Experience

Leading State University, a 100+-year-old public institution with roughly 7,000 users, faced repeated phishing attacks and a breach that exposed the limits of traditional MFA (passwords + SMS/email OTPs). To stop credential phishing while preserving a simple login experience for students and faculty, the university evaluated and selected passwordless MFA from Secret Double Octopus (the Octopus platform).

Secret Double Octopus deployed its passwordless Octopus solution campus-wide, removing shared passwords and enabling phishing‑resistant authentication via push and biometric verification across high device turnover and remote access scenarios. The rollout was easy to manage with limited IT staff, supported smoother student matriculation and faculty device freedom, and strengthened the university’s security posture—eliminating the password-based phishing vector and helping meet NIST 800-171 and cyber‑insurance expectations.