<div dir="ltr"><div dir="ltr">Hi, Melissa! So sorry to hear that this is happening. I know it's extremely inconvenient and frustrating.</div><div dir="ltr"><br></div><div dir="ltr">We're on EZproxy, so I cannot comment on OpenAthens' ability to minimize these types of incidents, but I have been keeping an eye on our IP blocks over the years, and <knock on wood infinity> they have <i>plummeted</i> for us since the university required 2FA enrollment for all employees in late 2017. After students were required to enroll in 2FA in late 2020, our IP blocks dried up even further. We only had 3 total last year, and none so far this year. A new record by a mile. <knock on wood infinity+++></div><div dir="ltr"><br></div><div dir="ltr">Obviously, requiring 2FA for all users probably isn't something your library can do without an institutional mandate, but it's worth investigating to see if that mandate may be in the works. In this day and age, it would be surprising if it's not. There are massive implications for compromised credentials that go far beyond IP blocks for library resources. And institutionally required 2FA would be a lot cheaper and easier than an authentication system migration, unless you have additional needs that you feel OpenAthens would support better than EZproxy.</div><div dir="ltr"><br></div><div dir="ltr">Tessa<br clear="all"><div><div dir="ltr" data-smartmail="gmail_signature"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><br></div><div dir="ltr">-.-.-.-.-.-.-.-.-.-.-.-.-.-<br></div><div dir="ltr"><div>Tessa L.H. Minchew<br>Electronic Resources Librarian<br>Acquisitions & Discovery<br>NC State University Libraries<br>919.515.5182<br><a href="mailto:tlminche@ncsu.edu" target="_blank">tlminche@ncsu.edu</a></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Aug 26, 2021 at 4:02 PM <<a href="mailto:eril-l-request@lists.eril-l.org" target="_blank">eril-l-request@lists.eril-l.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Send Eril-l mailing list submissions to<br>
<a href="mailto:eril-l@lists.eril-l.org" target="_blank">eril-l@lists.eril-l.org</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://lists.eril-l.org/listinfo.cgi/eril-l-eril-l.org" rel="noreferrer" target="_blank">http://lists.eril-l.org/listinfo.cgi/eril-l-eril-l.org</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:eril-l-request@lists.eril-l.org" target="_blank">eril-l-request@lists.eril-l.org</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:eril-l-owner@lists.eril-l.org" target="_blank">eril-l-owner@lists.eril-l.org</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of Eril-l digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. hackers, messed up COUNTER data, and ezproxy vs openathens<br>
(Melissa Belvadi)<br>
2. Re: hackers, messed up COUNTER data, and ezproxy vs<br>
openathens (Athena Hoeppner)<br>
3. Re: hackers, messed up COUNTER data, and ezproxy vs<br>
openathens (Nikki DeMoville)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Thu, 26 Aug 2021 16:59:46 +0000<br>
From: Melissa Belvadi <<a href="mailto:mbelvadi@upei.ca" target="_blank">mbelvadi@upei.ca</a>><br>
To: "<a href="mailto:eril-l@lists.eril-l.org" target="_blank">eril-l@lists.eril-l.org</a>" <<a href="mailto:eril-l@lists.eril-l.org" target="_blank">eril-l@lists.eril-l.org</a>><br>
Subject: [Eril-l] hackers, messed up COUNTER data, and ezproxy vs<br>
openathens<br>
Message-ID:<br>
<<a href="mailto:QB1PR01MB270827C7AD5AFD0FAFBB97E1C3C79@QB1PR01MB2708.CANPRD01.PROD.OUTLOOK.COM" target="_blank">QB1PR01MB270827C7AD5AFD0FAFBB97E1C3C79@QB1PR01MB2708.CANPRD01.PROD.OUTLOOK.COM</a>><br>
<br>
Content-Type: text/plain; charset="iso-8859-1"<br>
<br>
Hi, all.<br>
<br>
<br>
We've had two more "rounds", for a couple months late last year and then again in May-June of this year, where our COUNTER data for some major journal publishers is worthless because breached-password events caused absurd spikes across every journal in the package (both ft uses and turnaways). We have self-hosted ezproxy, with a Shibboleth/LDAP server doing the authentication.<br>
Knowing that there's just no way for us to enforce password security so that leaks never happen, I was wondering if anyone could speak to whether it would make any significant difference to this problem if we were to switch from ezproxy to open athens. I know open athens would rely on that same underlying authentication, but I was given the impression that it had additional ways to prevent such hacking, especially if it is coming from overseas (we all know which countries' IPs these incidents originate from).<br>
<br>
Could anyone who has switched from ezproxy to open athens and had previously experienced these kinds of problems share with us whether you've seen such breaches that are big enough to impact COUNTER data cease after you switched?<br>
<br>
<br>
Melissa Belvadi<br>
Collections Librarian<br>
University of Prince Edward Island<br>
<a href="mailto:mbelvadi@upei.ca" target="_blank">mbelvadi@upei.ca</a><mailto:<a href="mailto:mbelvadi@upei.ca" target="_blank">mbelvadi@upei.ca</a>> 902-566-0581<br>
ORCID iD: 0000-0002-4433-0189<br>
my public calendar<<a href="https://outlook.office365.com/owa/calendar/0fbab27c909e4493be65313bd66d66b6@upei.ca/5fa60af92c6d451c9ddf90c0bb11e00f15552192987609852692/calendar.html" rel="noreferrer" target="_blank">https://outlook.office365.com/owa/calendar/0fbab27c909e4493be65313bd66d66b6@upei.ca/5fa60af92c6d451c9ddf90c0bb11e00f15552192987609852692/calendar.html</a>><br>
Make an appointment<<a href="https://mbelvadi.youcanbook.me/" rel="noreferrer" target="_blank">https://mbelvadi.youcanbook.me/</a>> via YouCanBookMe<br>
<br><br>
</blockquote></div></div>