Two-factor authentication adds a second layer of security to your online accounts. Verifying your identity using a second factor (like your phone) prevents anyone but you from logging in, even if they know your password. Passwords are increasingly easy to compromise - they can often be stolen, guessed or hacked. You might not even know someone is accessing your account. With Duo Push, you'll be alerted right away if someone is trying to log in as you. This second factor of authentication is separate and independent from your username and password. Duo never sees your password.
Once you've enrolled in Duo you'll login as usual with your username and password, and then use your device to verify that it's you.
- Enter your NetID and password as usual
- Use your device to verify your identity
- Your login completes and you are securely logged in
Web based enterprise services that use Single Sign On (SSO) such as MyInfo, Degreeworks, Chrome River, Docusign, and Banner Forms will require Duo. You can check a box on the Duo authentication screen to have Duo remember you for 14 days. As long as you use the same web browser, and don't clear your cookies, Duo will not request you authenticate again until that time period is up.
You will also need to authenticate with Duo if you use the GlobalProtect VPN. Have your Duo device close by to approve your connection - there will be no on screen indication that the VPN sending the authentication request.
Beginning August 22nd, it will be required for Office 365 desktop and mobile apps like Outlook and Teams. After O365 Duo authentication is in place, the requirement to change your password every 180 days will be removed.
You will not need Duo authentication to log onto university computers or into Brightspace.
Students will not be required to use Duo at this time.
Watch this video to learn how to self enroll and setup your first device in Duo.
After you have enrolled your initial device, you can add new devices, or manage existing devices. ITS highly recommends you set up more than one device and more than one way to authenticate, just in case a problem occurs with your primary authentication method.
Duo authentication methods:
Send a push notification to your mobile device.
Send a passcode to a mobile device via text message.
Have Duo call a phone. This can be a cell phone or a desk phone.
Use a token to generate a passcode
Watch videos of these authentication methods here.
If you do not have access to device that is compatible with the Duo Mobile app, or access to a phone, your department can purchase a token through MSU-Bozeman by clicking the Request Token button.