Gavin Vondercrone Student Life

ESU Students React to Ongoing Battle Between Scam Emails and Multi-Factor Authentication

Credit: IStock

Tiffani Baublitz

Contributing Writer

Students at East Stroudsburg University are now required to use multi-factor authentication to log into their Microsoft and D2L accounts after a noticeable rise in phishing scams targeting university users. The added security step was introduced to reduce spam emails, protect student information and reduce the number of hacked accounts.

The university implemented multi-factor authentication after a spike in email scams. However, when 36 students were surveyed about the new requirement, the results were clear: scam emails were a problem, but the campus was divided on their feelings toward logging in multiple times, sometimes on different devices. 

Photo Credit: Tiffani Baublitz

When students were asked which they’d rather deal with, the majority of students (58.3%, or 21 people) indicated they would prefer to just keep dealing with spam emails rather than use MFA, while a significant portion (41.7%, or 15 people) found MFA more tolerable. 

Many students feel like the constant extra login steps, especially when having to use a secondary device, are worse than the junk mail itself. A student said “I would rather dealing with spam emails because the multi-factor authorization sometimes doesn’t go through making it difficult to get into D2L to do my work.”

Photo Credit: Tiffani Baublitz

As of October 2025, Students reported receiving around nine spam emails per week in their university inboxes.

Scams are evolving. Students reported falling for baiting emails that included threats that your Microsoft account will be shut down, dream job offers look too good to be true, like $100/hr job postings, package alerts about deliveries, and fake forms that gather your information. 

Students who responded openly to the survey didn’t hold back, often connecting the login demands directly to campus frustrations, especially the notoriously slow Wi-Fi.

One student said “Between ESU’s bad Wi-Fi and having to sign in 10+ times a day, the system fails and my computer crashes out. It’s a huge downgrade and a waste of time.”

Others highlighted the real-time disruption during class: “The scam emails are really bad, but MFA is just annoying and inconvenient, especially when we’re in class because it forces you to use your phone to get access.”

One student notes, “I have never gone through with the fake emails but I know a lot of my teammates who have, and it’s very inconvenient for them, especially as freshmen trying to figure out what are real emails and what are spam emails.” This confusion, coupled with having to “log in 10+ times a day,” causes unnecessary stress and wasted time.”

The current system places the burden of defining real from fake up to the student. This can be especially challenging for those new to campus, making freshman and transfer students unsuspecting targets.

The message is clear: While students understand the need for better protection, the current setup is causing major friction.