Duo Security is a company that provides a cloud-based software service that utilizes two-factor authentication to ensure secure access to services and data.

Two-factor authentication provides a second layer of security to any type of login, requiring extra information or a physical device to log in, in addition to your password.

By requiring two different channels of authentication, we can protect user logins from remote attacks that may exploit stolen usernames & passwords.  

The factors may include:

  • Something you know
    • A unique username and password
  • Something you have
    • A smartphone with an app to approve authentication requests
  • Something you are
    • Biometrics - like your fingerprint

Learn more by clicking here for a two minute video, "What is Two-Factor Authentication?".

  • Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames & passwords. 
  • Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.
  • When logging in to an application that is protected by Duo, you will still enter your username and password.  After inputting your login credentials, you will need to complete a secondary authentication step, in the form of a Duo Push from your smartphone, or by entering in a six-digit code.  This takes only a few additional moments to complete but greatly enhances the security of your account.
  • Using the Duo Mobile app:
    • Apple - iPhone, iPad, and iPod
    • Android - cell phone and tablet
    • Windows - phone and tablet
  • Landline, including campus extension
  • Hardware tokens
  • No. Duo Mobile does not have any more access to your phone than any other mobile app, and it cannot read your e-mail, track your location, or see your browser history. Duo Mobile also cannot remotely delete anything from your phone. During the installation of the Duo Mobile app, you will need to grant the app permission to send push notifications to your phone.
  • Duo Mobile is Duo Security’s free app that allows you to quickly and easily approve a second-factor authentication request with one tap using Duo Push.
  • With Duo Mobile & Duo Push, there is no need to carry a bulky token or waste time manually entering in passcodes. Just one tap to authenticate right on your smartphone.

Learn more by clicking here for a short video, "Authenticate with Duo Push on iPhone".

  • Please submit a ticket in ServiceNow to request a one-time Bypass Code that will allow you to access Duo-protected services. Or call the Servicedesk at 510-885-4357
  • Please submit a ticket in ServiceNow to notify us of the change and we will direct you on how to re-enroll yourself with your new device.
  • The hardware token creates an access code that lasts for 30 seconds. You will need to enter in the generated code before the 30 seconds passes.
  • No, you can have Duo "remember" the last device you successfully accessed for up to 12 hours.
  • The Duo system will only remember the last workstation you successfully logged in from, so you will be prompted to log in again with Duo if you move to a different workstation.
  • Tokens are constructed to display a unique six-digit code upon every new button-press.  If the button is held down too long, a string of eights will be displayed.  Be sure to only press the button once, instead of holding it down, to generate a valid code.
  • Following the East Bay enrollment process will update your existing Duo app setup and add the East Bay campus, so you can use the Duo app for both campuses and their respective protected applications.
  • No, you can register any SMS-capable device and receive a text message for authentication by selecting "Other" during the "What type of phone is..." step of the registration process.  
  • More information can be found at https://guide.duo.com/other-phones.
  • Some applications will allow you to run them under Duo rather than their default authenticator.  For example, with Microsoft 365, when prompted to download the Microsoft Authenticator, select the "I want to use a different authenticator app" link and follow the steps as provided.

As long as you have previously registered your smart device with Duo, you can generate a passcode and connect with Duo, using either the Duo Mobile app or by SMS:

  • From the Duo Mobile app, tap the account you want to access and a six digit code will display.  Depending on what device you are using, this may be a key symbol.  Then, simply enter this passcode when you see the Duo authentication prompt.
  • From a passcode sent by SMS, choose the "Text Me" option, and a six digit code will be sent to you.  Enter this code to complete the authentication process.
  • You can add another phone line, as well as make changes to your devices, by visiting https://www.csueastbay.edu/duo and then clicking the "Enroll in Duo" button. Log in and click the "Add a new device" link to make your changes.
  • NOTE: These changes can only be done by using this application.
You can open the Duo Mobile app and generate a 6 digit code for use with Duo authentication, as this works without cell or network service on the phone.
Obtaining a Passcode from the Duo Mobile App:
  1. Open the Duo Mobile app from your mobile device.
  2. In Duo Mobile, tap on the "Cal State East Bay" icon. You should see a six-digit code displayed.
  3. Enter the passcode on the Duo screen on your computer to complete the Duo verification process to log in to the application.
    • Please note that if your phone is set to "Do Not Disturb" or "Airplane" mode, you will not be able to authenticate with Duo using the Push, SMS Texts or Callback options.

You can find more information about this at https://guide.duo.com/other-phones.

Duo will lock you out after 10 failed attempts to login. This lockout will last 10 minutes, after which you can try again.
Be sure to use the most updated software version of your operating system and your web browser.   Also, some browser settings may block Duo from functioning correctly, so try a different browser than usual.  Duo supports up-to-date versions of Chrome, Firefox, Safari, Edge, and Opera.

In order to comply with U.S. regulations, Duo blocks authentications from users whose IP address originates in a country or region subject to economic and trade sanctions enforced by the U.S. Office of Foreign Assets Control.

Please contact the International Admissions Office for more information: iao@csueastbay.edu

User guides for specific devices are maintained and updated directly by the vendor: https://guide.duo.com

Please reach out to the ITS Service Desk with any questions about enrolling or using Duo: