DUO

Notes:
All faculty and staff are automatically enrolled in Duo when their account is created & do not need to click this enroll button. Logging in to MyInfo will prompt you to complete the Duo setup.

As of February 14th, 2024, all students are also be required to use Duo. Students are automatically enrolled in Duo when their account is created & do not need to click this enroll button. Logging in to MyInfo will prompt you to complete the Duo setup.

Duo is a form of two-factor authentication that uses an app on a mobile device, a text, a phone call, or token to verify the person logging into your account is actually you.

Two Factor Authentication - laptop, phone app, approval

What is two-factor authentication and why do I need it?

Two-factor authentication adds a second layer of security to your online accounts. Verifying your identity using a second factor (like your phone) prevents anyone but you from logging in, even if they know your password. Passwords are increasingly easy to compromise - they can often be stolen, guessed or hacked. You might not even know someone is accessing your account. With Duo Push, you'll be alerted right away if someone is trying to log in as you. This second factor of authentication is separate and independent from your username and password. Duo never sees your password.

How does it work?

Once you've enrolled in Duo you'll login as usual with your username and password, and then use your device to verify that it's you.

Enter your NetID and password as usual
Use your device to verify your identity
Your login completes and you are securely logged in

What will Duo be required for?

Web based enterprise services that use Single Sign On (SSO) such as M365, MyInfo, Degreeworks, Chrome River, Docusign, and Banner Forms will require Duo. You can check a box on the Duo authentication screen to have Duo remember you for 10 hours. As long as you use the same web browser, and don't clear your cookies, Duo will not request you authenticate again until that time period is up.

All faculty and staff are required to use Duo. Faculty and staff using the Global Protect VPN will also need to authenticate using Duo. Have your Duo device close by to approve your connection - there will be no on screen indication that the VPN is sending the authentication request.

Beginning February 14th, 2024, all students will be required to use Duo.

After Duo is mandatory, the requirement to change your password every 180 days will be removed, but you can still use the Password Portal to change your password anytime you like.

Duo authentication is not currently needed to log onto university computers or into Brightspace.

Add and manage devices

After you have enrolled your initial device, you can add new devices, or manage existing devices by clicking one of the links on the left side of the Duo window. ITS highly recommends you set up more than one device and more than one way to authenticate, just in case a problem occurs with your primary authentication method.

Duo authentication methods:

Push Notification

Send a push notification to your mobile device.
(Recommended method, it's quick & easy!)

Passcode

Send a passcode to your mobile device via text message.

Phone Call

Have Duo call your phone. This can be a cell phone or a desk phone.

Token*

Use a token to generate a passcode

* If you do not have access to device that is compatible with the Duo Mobile app, or access to a phone, you can purchase a Duo token by paying for the token in Business Services (Cowan Hall 207) and bringing the receipt to the ITS Help Desk (Cowan Hall 117). If you lose your token, report it immediately to ITS.