Lockdown Your Login With DUO
A A Email Print Share

Two-Factor Authentication with Duo

What is Two-Factor Authentication?

Two-factor authentication (2FA) adds an additional layer of security to protect your identity and university data. When you are only required to enter your username and password, this is considered single-factor authentication. 2FA requires user to provide two of the following three types of credentials before being granted access to an account. The three types are:

  1. Something you know (ex. account password, banking PIN).
  2. Something you have (ex. a mobile phone or ATM card).
  3. Something you are (ex. a fingerprint or voice print).

2FA Withdrawal from ATM Example

What is Duo?

Duquesne University uses Duo Security tools-including the Duo Mobile app-to manage the second step of the 2FA process. With Duo Security, you can complete a 2FA login process using any of the following methods:

  • Responding to a push notification sent to the Duo Mobile app on your mobile phone (CTS recommended method).
  • Entering a one-time passcode you generate in the Duo Mobile app or with a Duo hardware token device.
  • Answering a phone call to a mobile or landline phone and following prompts to verify your login.

You can choose which Duo authentication method you prefer each time you log in.

Enrolling Devices in Duo

To get started with Duo, please visit DORI and sign in using your MultiPass credentials. Once you are signed in, perform the following steps to enroll your device(s) in Duo:

Note: If you are enrolling a mobile phone in Duo, please visit either the App Store (iPhone) or Play Store (Android) and download the Duo Mobile app before proceeding.

  1. Click the Duo Device Management tab.
  2. Click Start Setup to begin the enrollment process.
  3. Select the type of device you are enrolling (mobile phone, tablet, landline phone, or U2F token) and click Continue. CTS strongly encourages users to enroll their mobile phone with Duo.
  4. Enter your mobile phone number and click Continue.
  5. Select the appropriate make and model of your device and click Continue.
  6. A push notification will be sent to your newly-enrolled device. Click Approve to complete enrollment.

Managing Your Enrolled Devices

To manage your Duo-enrolled devices, please visit DORI and sign in using your MultiPass credentials. Once you are signed in, perform the following steps to manage your devices:

  1. Click the Duo Device Management tab.
  2. Select your desired authentication method to proceed (CTS recommends selecting Send Me a Push).
  3. You can now manage your settings and devices. Device options include:
    • Reactivate Duo Mobile: Sends a new authentication push to the selected device.
    • Change Device Name: Allows you to modify the device name.
    • Delete Device: Un-enrolls the selected device with Duo (you will no longer receive push notifications to that device).

Duo Device Enrollment & Management Guide

For additional instructions on enrolling and managing devices with Duo Security, click here.

How Do I Use Duo?

You will only be able to utilize Duo Security for applications enabled with Duo authentication. At this time, this includes:

  • Signing in to any Duquesne-owned computers.
  • Accessing VPN resources via Global Protect.
  • Signing in to any Shibboleth-enabled Duquesne University applications (Box, ChromeRiver, Qualtrics, and others).

When signing in to Shibboleth-supported web applications, you will only need to complete a 2FA log in with Duo once every 12 hours. When signing in to a Duquesne-owned computer, you will need to complete a 2FA log in with Duo each time you sign in.

Resources

2FA with Duo Communications Toolkit

2FA with Duo Documentation

2FA with Duo Handout

Duo Security Guide