Technology Services 

Multi-Factor Authentication/DUO

Two-factor authentication

Two-factor authentication provides a second layer of security to any type of login, requiring extra information or a physical device to log in, in addition to your password. By requiring two different channels of authentication, we can protect user logins from remote attacks that may exploit stolen usernames and passwords. 

Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames and passwords. Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.

Duo Security

Duo Security is a company that provides a cloud-based software service that utilizes two-factor authentication to ensure secure access to services and data.

When logging in to an application that is protected by Duo Security, such as Workday, you will continue to enter your username and password. After inputting your login information, you will be required to complete a method of second-factor authentication. Duo Security does not replace or require you to change your username and password. 


Frequently Asked Questions

Duo allows you to remember a device for 15 days. You can approve any computer that you commonly use and will not be required to provide two-factor authentication confirmation for 15 days. For example, if you have a desktop and a laptop, you can approve both computers as trusted devices.

Yes. Multiple devices and phone numbers can be listed. When authenticating choose the specific device you wish to use to authenticate.  Having more than one device is recommended. You may register as many devices as you wish. If you need to register another device once you have completed the initial enrollment process, you may do so from the Duo self-service portal.

Please use the following definitions regarding Duo device enrollment:

  • Landline: has a phone number but no app
  • Mobile: has a phone number, can use the Duo Mobile app and can receive SMS text messages
  • Tablet: has no phone number but can use the app

You are encouraged to set up Duo on more than one phone (such as your desk phone) in case you forget a phone at home.

You have four options

  • DUO PUSH – If you have the DUO Mobile App installed on your smartphone or tablet, you can receive a push notification. From the app, you can approve or deny the login attempt.
  • Phone call – you can receive a phone call on your mobile phone or landline phone. The call will give instructions on approving or denying the login attempt.
  • Passcodes – you can receive temporary or long-term passcodes by text/SMS message.
  • U2F Token – Insert the U2F token device into the USB slot of the computer you are using. Follow the instructions on your screen. This method is only valid for accessing web-based resources.

The “Remember me for 15 days” is browser specific. If you logged in using IE this morning and are now using Firefox, it will ask you to authenticate again. If you are using the same browser as this morning and you are prompted to authenticate again, it could be due to the cookie not being saved. If you have “Private Browsing” mode turned on or have disabled cookies, the Duo login will appear every time.

You can find more information here.

Sometimes the Duo mobile app will not launch as intended on your smartphone. Usually, a simple reboot of your phone will resolve the issue. If you don’t wish to reboot your smartphone, you could manually launch the Duo app. Your notification should be there waiting for your approval. 

Changes to your account must be done from within a fresh browser session. This can be done by using another web browser or a Private/Incognito window. (find out if DUO has a page for updating/adding etc…)

If you opt-out of the DUO mobile application push notifications, there are a variety of passcode options to utilize as your second verification method.

  • Passcodes via SMS – users can receive a batch of one-time use codes via text message. You can request these by logging into your DUO management page as you typically would. Once you received the DUO prompt, you can click Enter Passcode, then click on the blue button “Text me new codes.” These codes do not expire, and they are valid until used.
  • Passcodes via DUO mobile app–If you have the DUO mobile app installed, you can receive a single passcode by tapping the key icon next to Florida Polytechnic University in the mobile app. This code must be used immediately.