Duo 2FA is a two-factor authentication method with Duo Security. Two-Factor authentication protects accounts against unauthorized logins by requiring a "2nd factor" in addition to a username and password. The 2nd factor is often a mobile app that is registered ahead of time or a passcode that is texted or called. With Duo 2FA, SPU accounts will be further protected against malicious logins that result from phishing attacks or other forms of cyber scams.
If you get a login request that you weren't expecting, tap Deny on the notification or the full Push screen to reject the request. If you don't recognize the authentication attempt as your own, tapping It seemed fraudulent rejects the login attempt and also notifies your Duo administrator about the suspicious request. If you just want to cancel a login request you made, you can tap It was a mistake to deny the request without reporting it.
The only email clients that are compatible with Duo 2FA and are fully supported by CIS is Microsoft Outlook for Windows and Mac, and Outlook Mobile for iOS and Android.
While CIS highly recommends using a smartphone and the Duo mobile app for Duo 2FA, we understand that this option does not work for everyone. The following additional 2FA methods are available with Duo:
Yes! Even without connectivity, the mobile app can generate a passcode that you can use to authenticate.
When logging in with Duo 2FA, you have the option to remember the device and application you are logging in from. On the Duo 2FA screen during login, check the highlighted box before accepting the Duo 2FA prompt on your authenticated device. If you have already received an authentication prompt, you will need to cancel the prompt, check the box, and send a new prompt.
Duo 2FA will then remember the device and application for 5 days. This applies to the device + application combination, so you may need to check this box on several logins if you use multiple web browsers or devices. Learn more about remembering devices in Duo 2FA here.
Visit the CIS Help Desk in Lower Marston Hall or call at x2982 and we can provide you with a one-time 2FA passcode so you can log in and temporarily switch to a new 2FA device. Click here for instructions on how to switch to a new 2FA device.
Visit the CIS Help Desk in Lower Marston Hall or call at x2982 and we can assist with deactivating your phone as an authorized 2FA device. We can also provide you with a one-time 2FA passcode so you can log in and switch to a new 2FA device. Click here for instructions on how to switch to a new 2FA device.
When a mobile app is registered with Duo 2FA as an authorized 2FA device, the registration is specific to the Duo app and the specific phone that is set up. If you purchase a new mobile phone, you will have to register the new phone with Duo 2FA and remove the old phone as an authorized device. Click here for instructions on how to switch to a new 2FA device.
If you require assistance or run into any issues, visit or call the CIS Help Desk in Lower Marston Hall or at x2982.
Yes. There are several options that may be useful: