Top NavTop NavTop Nav


What is Duo Security?

Duo Security is a company that provides a cloud-based software service that utilizes two-factor authentication to ensure secure access to services and data. 

What is Two-Factor Authentication?

Two-factor authentication provides a second layer of security to any type of login, requiring extra information or a physical device to log in, in addition to your password.

By requiring two different channels of authentication, we can protect user logins from remote attacks that may exploit stolen usernames & passwords.  

The factors may include:

  • Something you know
    • A unique username and password
  • Something you have
    • A smartphone with an app to approve authentication requests
  • Something you are
    • Biometrics - like your fingerprint

Learn more by clicking here for a two minute video, "What is Two-Factor Authentication?".

Why do we need two-factor authentication?

  • Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames & passwords. 
  • Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.

How will Duo change my login experience?

  • When logging in to an application that is protected by Duo, you will still enter your username and password.  After inputting your login credentials, you will need to complete a secondary authentication step.  This takes only a few additional moments to complete but greatly enhances the security of your account.

What is Duo Mobile & Duo Push?

  • Duo Mobile is Duo Security’s free app that allows you to quickly and easily approve a second-factor authentication request with one tap using Duo Push.
  • With Duo Mobile & Duo Push, there is no need to carry a bulky token or waste time manually entering in passcodes. Just one tap to authenticate right on your smartphone.

Learn more by clicking here for a short video, "Authenticate with Duo Push on iPhone".

Can I start using Duo without attending a Duo training session?

  1. Yes. You will need to reply to one of the training requests sent via email, and opt-out of the training session.
  2. You will need to provide your NetID and an acknowledgement that you are responsible for following the self-service documentation to configure your Duo account.
  3. Once your Duo account is operational, you will be prompted to log-in with Duo, or otherwise sent an enrollment email.
  4. If your Duo account is not working, please submit a ticket in ServiceNow to get help, or call the ITS Service Desk at 510-885-HELP (4357).

How can I receive a Duo hardware token?

  • If you requested a hardware token but opt out of attending the in-person training, you will need to contact the Information Security Office ( and schedule a time to pick up your assigned token from the ITS Tech Lounge, LI 2500.
  • If you attend a training session in-person, a token will be provided to you at that time.

What if I left my cell phone at home?

  • Please submit a ticket in ServiceNow to request a one-time Bypass Code that will allow you to access Duo-protected services.

What if I have a replacement/new cell phone?

  • Please submit a ticket in ServiceNow to notify us of the change and we will direct you on how to re-enroll yourself with your new device.

My hardware token keeps declining my passcode. Why?

  • The hardware token creates an access code that lasts for 30 seconds. You will need to enter in the generated code before the 30 seconds passes.

If I am already logged into Duo to access one application, do I need to log in again to use a second application protected by Duo?

  • No, Duo will acknowledge that you are authorized to access the protected service.

Do I need to log into Duo every time I step away from my workstation?

  • No, you can have Duo "remember" the last device you successfully accessed for up to 9 hours.

Once I successfully log into Duo, what happens if I try to use a different workstation?

  • The Duo system will only remember the last workstation you successfully logged in from, so you will be prompted to log in again with Duo if you move to a different workstation.

Additional questions?

User guides for specific devices are maintained and updated directly by the vendor:

Please reach out to the ITS Service Desk with any questions about enrolling or using Duo:

© California State University, East Bay. All Rights Reserved.