Duo MFA

What is Multi-Factor Authentication?

Multifactor authentication, or MFA, adds a second layer of security to your online accounts. Verifying your identity using multiple factors (like your phone or other mobile device) prevents anyone but you from logging in, even if they know your password.  Previously this was referred to a Two-Factor Authentication, or 2FA.

How It Works:

1. Enter username and password as usual
2. Use your phone to verify your identity
3. Securely logged in

Once you've enrolled in Duo you're ready to go: You'll login as usual with your username and password, and then use your device to verify that it's you. Your administrator can set up the system to do this via SMS, voice call, one-time passcode, the Duo Mobile smart phone app, and so on.

No mobile phone? You can also use a landline or tablet, or ask your administrator for a hardware token. Duo lets you link multiple devices to your account, so you can use your mobile phone and a landline, a landline and a hardware token, two different mobile devices, etc.

Why Do I Need This?

Passwords are increasingly easy to compromise. They can often be stolen, guessed, or hacked — you might not even know someone is accessing your account.

Multifactor authentication adds a second layer of security, keeping your account secure even if your password is compromised. With Duo Push, you'll be alerted right away (on your phone) if someone is trying to log in as you.

This second factor of authentication is separate and independent from your username and password — DUO never sees your password.

Supported Devices:

Click your device to learn more:

• iPhone & iPad
• Android
• Windows Phone
• Cell Phones & Landlines

How do I enroll in Duo?

The first time you log into your account, you'll be prompted to enroll.  You'll provide your phone number to enable texts and voice calls.  It is also recommended that you install the Duo mobile app on your phone, in order to accept pushes, which is the quickest way to authenticate.

How do I add/remove/change my Duo authentication device?

Upon your next Duo authentication, instead of authenticating, choose Other options.  This will let you manage your devices.

What if I don't want to install Duo mobile on my smartphone or use it as a multifactor method?

Any landline phone number can be used with Duo for accessing protected services. See the above link for setup instructions.

Users can also purchase a hardware token to access external services protected by Duo. Hardware tokens can be purchased by sending a request to iso-alert@som.umaryland.edu. Tokens cost $25 and will be charged back to the requesting department. They have a battery life of approximately 7 years and can be re-issued if necessary.

I'm traveling and don't have access to Wi-Hi or mobile data. How do I access a Duo protected app?

Duo Mobile has a built in feature that allows users to access duo protected apps when Wi-Fi/Data isn't available on the registered mobile device . Simply open the app and click the "Key" icon. A 6 digit code will display that the user will use with the protected application. Have the user click "Enter a passcode" and enter that number

Duo's New Look: Universal Prompt

Instead of the classic look of Duo prompting you to choose an authentication method:

Duo will now look like this, and will automatically trigger the last authentication method you used.  For example, if you requested a push the last time you logged in, Duo will trigger a push now.

If you need to change the authentication method, simply click Options and choose the method from the menu.