Technology Services

Multi-Factor Authentication/DUO

Two-factor authentication

Two-factor authentication provides a second layer of security to any type of login, requiring extra information or a physical device to log in, in addition to your password. By requiring two different channels of authentication, we can protect user logins from remote attacks that may exploit stolen usernames and passwords.

Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames and passwords. Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.

Duo Security

Duo Security is a company that provides a cloud-based software service that utilizes two-factor authentication to ensure secure access to services and data.

When logging in to an application that is protected by Duo Security, such as Workday, you will continue to enter your username and password. After inputting your login information, you will be required to complete a method of second-factor authentication. Duo Security does not replace or require you to change your username and password.

Do I have to use DUO Security every time that I log into Workday?

Duo allows you to remember a device for 15 days. You can approve any computer that you commonly use and will not be required to provide two-factor authentication confirmation for 15 days. For example, if you have a desktop and a laptop, you can approve both computers as trusted devices.

Can I have more than one device or phone number added to the DUO system?

Yes. Multiple devices and phone numbers can be listed. When authenticating choose the specific device you wish to use to authenticate. Having more than one device is recommended. You may register as many devices as you wish. If you need to register another device once you have completed the initial enrollment process, you may do so from the Duo self-service portal.

For DUO device enrollment, what is the difference between a landline, a mobile device, and a tablet?

Please use the following definitions regarding Duo device enrollment:

Landline: has a phone number but no app
Mobile: has a phone number, can use the Duo Mobile app and can receive SMS text messages
Tablet: has no phone number but can use the app

What happens if I forget my phone?

You are encouraged to set up Duo on more than one phone (such as your desk phone) in case you forget a phone at home.

What are my authentication options?

You have four options

DUO PUSH – If you have the DUO Mobile App installed on your smartphone or tablet, you can receive a push notification. From the app, you can approve or deny the login attempt.
Phone call – you can receive a phone call on your mobile phone or landline phone. The call will give instructions on approving or denying the login attempt.
Passcodes – you can receive temporary or long-term passcodes by text/SMS message.
U2F Token – Insert the U2F token device into the USB slot of the computer you are using. Follow the instructions on your screen. This method is only valid for accessing web-based resources.

I checked the “Remember me for 15 days” checkbox when I logged in this morning, but it is already asking me again.

The “Remember me for 15 days” is browser specific. If you logged in using IE this morning and are now using Firefox, it will ask you to authenticate again. If you are using the same browser as this morning and you are prompted to authenticate again, it could be due to the cookie not being saved. If you have “Private Browsing” mode turned on or have disabled cookies, the Duo login will appear every time.

What will Duo do with my personal information other than using it for two-factor authentication? Will it be sold, released, or otherwise distributed to any parties other than Duo?

You can find more information here.

I’m not receiving the automatic DUO push to my cell phone and had to use the “Call Me” option. What is that?

Sometimes the Duo mobile app will not launch as intended on your smartphone. Usually, a simple reboot of your phone will resolve the issue. If you don’t wish to reboot your smartphone, you could manually launch the Duo app. Your notification should be there waiting for your approval.

How do I add another device or change my DUO settings if my current device is remembered or I have it set to always push?

Changes to your account must be done from within a fresh browser session. This can be done by using another web browser or a Private/Incognito window. (find out if DUO has a page for updating/adding etc…)

What are passcodes?

If you opt-out of the DUO mobile application push notifications, there are a variety of passcode options to utilize as your second verification method.

Passcodes via SMS – users can receive a batch of one-time use codes via text message. You can request these by logging into your DUO management page as you typically would. Once you received the DUO prompt, you can click Enter Passcode, then click on the blue button “Text me new codes.” These codes do not expire, and they are valid until used.
Passcodes via DUO mobile app–If you have the DUO mobile app installed, you can receive a single passcode by tapping the key icon next to Florida Polytechnic University in the mobile app. This code must be used immediately.

Need Help With Duo?

Contact

Jack Trainor: 863-874-8842
Ercan Elibol: 863-874-8835

iso@floridpoly.edu

Duo Resources

Duo Mobile App on Different Devices

Multi-Factor Authentication/DUO

Two-factor authentication

Duo Security

Frequently Asked Questions