How It Works

Multi factor authentication adds a second layer of security to your online accounts. Verifying your identity using a second factor (like your phone or other mobile device) prevents anyone but you from logging in, even if they know your password.

Three steps to stronger authentication

• Enter your username and password as usual
• Use your phone (or alternate device) to verify your identity
• Securely logged in

Once you've enrolled in Duo you're ready to go: You'll login as usual with your username and password, and then use your device to verify that it's you. Your administrator can set up the system to do this via SMS, voice call, one-time passcode, the Duo Mobile smartphone app, and so on.

No mobile phone? You can also use a landline or tablet, or ask IT Services for a hardware token. Duo lets you link multiple devices to your account, so you can use your mobile phone and a landline, a landline and a hardware token, two different mobile devices, etc.

Why Do I Need This?

Passwords are increasingly easy to compromise. They can often be stolen, guessed, or hacked — you might not even know someone is accessing your account.
The average before a compromise is detected is 280 days.  Time your information is at risk.

Multi factor authentication adds a second layer of security, keeping your account secure even if your password is compromised. With Duo Push, you'll be alerted right away (on your phone) if someone is trying to log in as you.

This second factor of authentication is separate and independent from your username and password — Your password is never stored externally and the Duo Mobile app (preferred method of authentication) does NOT collect or transmit personal information on the smart device to TRU or Duo, so it is considered safe to use.

YubiKey request form