What is Duo Security?
Duo Security is a company that provides a cloud-based software service that utilizes two-factor authentication to ensure secure access to services and data.
What is Two-Factor Authentication?
Two-factor authentication provides a second layer of security to any type of login, requiring extra information or a physical device to log in, in addition to your password.
By requiring two different channels of authentication, we can protect user logins from remote attacks that may exploit stolen usernames & passwords.
The factors may include:
- Something you know
- A unique username and password
- Something you have
- A smartphone with an app to approve authentication requests
- Something you are
- Biometrics - like your fingerprint
Learn more by clicking here for a two minute video, "What is Two-Factor Authentication?".
Why do we need two-factor authentication?
- Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames & passwords.
- Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.
How will Duo change my login experience?
- When logging in to an application that is protected by Duo, you will still enter your username and password. After inputting your login credentials, you will need to complete a secondary authentication step. This takes only a few additional moments to complete but greatly enhances the security of your account.
What is Duo Mobile & Duo Push?
- Duo Mobile is Duo Security’s free app that allows you to quickly and easily approve a second-factor authentication request with one tap using Duo Push.
- With Duo Mobile & Duo Push, there is no need to carry a bulky token or waste time manually entering in passcodes. Just one tap to authenticate right on your smartphone.
Learn more by clicking here for a short video, "Authenticate with Duo Push on iPhone".
Can I start using Duo without attending a Duo training session?
- Yes. You will need to reply to one of the training requests sent via email, and opt-out of the training session.
- You will need to provide your NetID and an acknowledgement that you are responsible for following the self-service documentation to configure your Duo account.
- Once your Duo account is operational, you will be prompted to log-in with Duo, or otherwise sent an enrollment email.
- If your Duo account is not working, please submit a ticket in ServiceNow to get help, or call the ITS Service Desk at 510-885-HELP (4357).
How can I receive a Duo hardware token?
- If you requested a hardware token but opt out of attending the in-person training, you will need to contact the Information Security Office (email@example.com) and schedule a time to pick up your assigned token from the ITS Tech Lounge, LI 2500.
- If you attend a training session in-person, a token will be provided to you at that time.
What if I left my cell phone at home?
- Please submit a ticket in ServiceNow to request a one-time Bypass Code that will allow you to access Duo-protected services.
What if I have a replacement/new cell phone?
- Please submit a ticket in ServiceNow to notify us of the change and we will direct you on how to re-enroll yourself with your new device.
My hardware token keeps declining my passcode. Why?
- The hardware token creates an access code that lasts for 30 seconds. You will need to enter in the generated code before the 30 seconds passes.
If I am already logged into Duo to access one application, do I need to log in again to use a second application protected by Duo?
- No, Duo will acknowledge that you are authorized to access the protected service.
Do I need to log into Duo every time I step away from my workstation?
- No, you can have Duo "remember" the last device you successfully accessed for up to 9 hours.
Once I successfully log into Duo, what happens if I try to use a different workstation?
- The Duo system will only remember the last workstation you successfully logged in from, so you will be prompted to log in again with Duo if you move to a different workstation.
User guides for specific devices are maintained and updated directly by the vendor: https://guide.duo.com
Please reach out to the ITS Service Desk with any questions about enrolling or using Duo: