Duo Two-Factor Authentication: Frequently Asked Questions

Similar documents
What is Two-Factor Authentication?

Multi-Factor Authentication FAQs

Two Factor Authentication (TFA; 2FA) is a security process in which two methods of authentication are used to verify who you are.

Securing your Juniper SSL VPN with two-factor authentication.

Setting Up and Accessing VPN

STRONGER AUTHENTICATION for CA SiteMinder

Can I transfer money to accounts I have at other Financial Institutions through Mobile Banking? No, we don t currently offer this service.

Spring Hill State Bank Mobile Banking FAQs

Registration for My Profile & Administration

Welcome Guide for MP-1 Token for Microsoft Windows

Step 1. Step 2. Open your browser and go to and you will be presented a logon screen show below.

ADDING STRONGER AUTHENTICATION for VPN Access Control

Mobile Banking Questions and Answers

DUO SECURITY CISCO VPN USER GUIDE 1/27/2016

Facebook s Security Philosophy, and how Duo helps.

Faculty & Staff: Office 365 Migration

Two-Factor Authentication

Mobile Iron User Guide

Two-Step Authentication FAQ

Configure AirWatch for Your Mobile Device

Remote Access End User Reference Guide for F5 Edge VPN Client Access

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

The University of Texas Rio Grande Valley. Network Security. Create a Virtual Private. Network (VPN) Connection. Network Security How-to:

Two-Factor Authentication Evaluation Guide

These Frequently Asked Questions include information about both the Remote Identity Proofing (RIDP) and

1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?

Configure SLC to Smartphone/ Tablet

Flexible Identity. OTP software tokens guide. Multi-Factor Authentication. version 1.0

When enterprise mobility strategies are discussed, security is usually one of the first topics

Initial DUO 2 Factor Setup, Install, Login and Verification

Two Factor Authentication - USER GUIDE

Online Services User Guide

How can I protect against the loss of my ID if my device is lost or stolen?

Information Systems. Connecting Smartphones to NTU s System

Multi-Factor Authentication Job Aide

Banking at the speed of your life. Online. Mobile. Superior. Safe.

Akin Gump Strauss Hauer & Feld LLP Remote Access Resources (DUO)

What does the First Mobile app do for me? What else can I do with the mobile banking app beyond the basics? Why should I use the mobile banking app?

McKesson Practice Choice TM Electronic Prescribing of Controlled Substances (EPCS) Frequently Asked Questions

Administrator's Guide

Quick Start Guide. Version R9. English

Brainloop Secure Dataroom Version QR Code Scanner Apps for ios Version 1.1 and for Android

BroadTouch Business Communicator

Mobile Banking Frequently Asked Questions

ViewPoint Mobile Quick Start Guide

How To Get A Certificate From Digicert On A Pc Or Mac Or Mac (For Pc Or Ipa) On A Mac Or Ipad (For Mac) On Pc Or Pc Or Pb (For Ipa Or Mac) For Free

Advanced Configuration Steps

User Guide. SafeNet MobilePASS for Windows Phone

FileCloud Security FAQ

Two-Factor Authentication over Mobile: Simplifying Security and Authentication

Guide to Evaluating Multi-Factor Authentication Solutions

How Do I Log Into Mobile Banking?

iphone in Business How-To Setup Guide for Users

GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android with TouchDown

Proposal Document TitleDocument Version 1.0 TitleDocument

Welcome to XO WorkTime

MOBILE BANKING. Why should I use Mobile Banking?

Getting Started with the Skillsoft Learning App

AirWatch for Android Devices

Salesforce1 Mobile Security Guide

APPLE & BUSINESS. ios ENTERPRISE SECURITY ENTERPRISE NEEDS CONFIGURATION PROFILES

Country Club Bank- Mobile Banking FAQs

Flexible Identity. Tokenless authenticators guide. Multi-Factor Authentication. version 1.0

Tips for Banking Online Safely

MelbourneOnline Hosted Exchange Setup

Research Information Security Guideline

NetIQ Advanced Authentication Framework

Setup your university on your Android smartphone

Frequently Asked Questions & Answers: Bring Your Own Device (BYOD) Policy

Copyright: WhosOnLocation Limited

Deploying iphone and ipad Mobile Device Management

Vehicle Monitoring Quick Reference Guide

Improving Online Security with Strong, Personalized User Authentication

Students Mobile Messaging Registration & Configuration

GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android

The Mobile app. Introduction. Phones that support the Mobile app. In this section

Workplace-as-a-Service BYOD Management

Business Banking Customer Login Experience for Enhanced Login Security

How to wipe personal data and from a lost or stolen mobile device

Old National offers both Mobile Web and a Mobile App, so you can choose the best fit for your device type. Either solution enables you to:

AkrutoSync 4.0 User Guide

AUT OneDrive for Business. Instructions for Using OneDrive on Windows Platform

B&SC Office 365

Securing SharePoint Server with Windows Azure Multi- Factor Authentication

MCBDirect Corporate Logging on using a Soft Token

Adding Stronger Authentication to your Portal and Cloud Apps

USER-FAQ (2FA) Q. What are the key features of Fraud Management Solution (Baroda isecure)?

The Top 5 Federated Single Sign-On Scenarios

IDENTITY MANAGEMENT. February The Government of the Hong Kong Special Administrative Region

QuickStart Guide for Mobile Device Management

Upgrading to Duo Authentication VPN A Guide for Users of RAMS Systems

SUBARU STARLINK YOUR SUBARU CONNECTED Safety & Security OWNER S MANUAL. Love. It s what makes a Subaru, a Subaru. MY16StarlinkS&S_OMportrait.

Single Sign-on Frequently Asked Questions

DPH TOKEN SELF SERVICE SITE INSTRUCTIONS:

CAMPUS EXPERIENCES USING NET+ TRUST, IDENTITY, AND SECURITY SERVICES

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation

Ensuring the security of your mobile business intelligence

Cisco AnyConnect VPN for: Windows 8

Kaseya 2. User Guide. Version 1.0

Transcription:

Duo Two-Factor Authentication: Frequently Asked Questions The following links are for frequently asked questions related to the Duo two-factor authentication: General Questions Using Two-Factor with Your Phone Accessibility Enrollment Process Troubleshooting Shibboleth SSO Enabled Services which Require Duo Two-Factor Authentication General Questions What is the Duo two-factor authentication solution? Duo two-factor authentication is a cloud-based second-factor authentication with no software to install and no server to set up. Duo has patented technology and drop-in integrations to enable IT customers to easily integrate Duo into an existing application login workflow. See Duo Security for more information. The Duo model primarily relies on a smartphone to be the device in the user s possession. Most users will like the ease and convenience of using phones to verify their identity. Who will use the service? Any University of Miami faculty, staff, student, or designated affiliate who needs to have access to a system or service that is protected by Duo two-factor authentication will eventually need to use the service. At this time, however, the service is limited to pilot areas. When will I need to use the Duo two-factor authentication service? Once a user is enrolled in Duo, the user will need to answer a second-factor credential challenge to authenticate into any application or server that has been configured for the Duo Second-Factor Authentication service. Currently 2 nd -factor authentication is required for accessing any UMSSO (Shibboleth Single Sign-on) enabled applications. Why should a customer/user use the Duo Two-Factor Authentication service? With increasing security attacks across higher education institutions, passwords alone are not a sufficient way to protect resources. Duo two-factor authentication decreases the risk of compromise because a hacker would need to acquire the thing you have, as well as the thing you know. What are some of the features of the Duo two-factor authentication service? The services includes many features, such as flexible integration options for IT system administrators, user self-enrollment or bulk-enrollment options, one- tap authentication or a generated passcode when cellular service is not available, and no passwords or personally identifiable information (PII). (Examples of PII include social security numbers, credit card numbers, etc.) What data is stored by Duo two-factor authentication? The only data that Duo stores for a user is the subscriber s CaneID (Duo does NOT know your CaneID and password) and information about your second factor, such as a phone number (if using a phone for the service) or the serial number of your hardware token (if not using a phone 1/13

for the service). What if I lose my phone? Contact your service administrator immediately if your phone is lost or stolen. The administrator will disable it for authentication and assist you to register another device. Remember: Your CaneID and password (first-level authentication) will continue to protect your account even if your phone is lost. I am going to be traveling abroad. How can I continue to use Duo two-factor authentication? It s up to the user to know and understand the implications of using his/her cell service while abroad (cost to use the phone abroad, cellular service availability where traveling, etc.). If the user is satisfied with those conditions and is planning to use his/her device normally while traveling, then using the device as the second-factor will not change. Regardless of the implications of using a cell service abroad, if using a smartphone, then an enrolled user can simply use the Duo Mobile App to generate a passcode each time authentication is needed. Use the passcode as your second factor. Cellular service is not needed to generate passcodes through the Duo Mobile App. Using Two-Factor with Your Phone Do I need a smartphone to use Duo two-factor authentication? A smartphone is the best choice since it provides the greatest level of security and allows you to use the Duo Mobile app. The app generates passcodes for login and can receive push notifications for easy, one-tap authentication. Having said that, a smartphone is not required to use the service. I don t have a smartphone. Will I be able to Duo two-factor authentication on my regular cell phone? Yes, any cell phone will work, but it will not include the advantages of the Duo Mobile app (passcodes, prompts, etc.) and may result in regular cell phone charges in order to call back and authenticate (depending on the user s phone service). What if I wanted to use a landline at my office instead of my personal phone? You may use a landline instead of a mobile device; however, you need to take into consideration the stationary nature of a landline. Even if you work almost exclusively at your desk in your office (where the landline is located), you might on rare occasions need to have access to your UM protected services from home or from a remote location (such as an annual conference). What if I prefer to not use my phone at all? Can I still use Duo two-factor authentication? First, using Duo two-factor authentication on your phone is perfectly safe, and a smartphone is the preferable device to use for a number of reasons (app being available, calling prompts, one fewer thing to carry around and keep track of, etc.) In other words, a phone (especially a smartphone) is the preferred method. Can I use multiple phones, or am I restricted to one phone? You can set up Duo Two-Factor Authentication on multiple mobile devices (phones, tablets, etc.). Does it cost me anything to use the Duo two-factor authentication service via my phone? If so, will I be reimbursed by UM? Text messages and voice calls are sent only when you request them, and they would be billed by your carrier in the same way that any other text message or call would. UM will not reimburse you for these charges. If the charges when using Duo exceed a level that you re comfortable with, then consider switching to a landline rather than a cell phone for the service (understanding the limitations of a stationary phone). 2/13

Can I change to a different phone with a different number after I have the Duo two-factor authentication service? Yes, you can change to a different phone with a different number. You will need to reactivate Duo two-factor authentication on the new device, and if it s a different type of device (for example, if you re going from Android to iphone), then you will need to make sure that you select the new phone type before reactivating. What does the Duo Mobile app access on my phone? It does not access your other apps or other data on your phone; it uses some base functionality of the phone and a certificate that identifies your phone to ensure accurate identification. I m often in a location where I have poor cell coverage; how can I use the Duo two-factor authentication service? In cases where cell coverage is not available, use the Duo Mobile app to generate a passcode. Use the passcode as your second factor. If you re not using a smartphone (and therefore do not have access to the app), then generate passcodes in advance. I use a landline for my Duo two-factor authentication service, and I m going away for a week. Can I still use the Duo two-factor authentication service? Yes, you can forward your service to another phone. Do the SMS (text) passcodes provide by Duo expire? If so, how long are the passwords available for use? Passcodes are set to expire in 1 hour; however, there are a couple of things to keep in mind when using passcodes: Passcodes are only good for one use, so once a passcode has been used to authenticate into two-factor authentication, it is expired and cannot be used again. Our configuration has been set up to include 5 individual passcodes in each SMS (text) message. Any time a user requests a new set of passcodes, any unused passcodes from the previous SMS message are all expired. For example, if a user requests SMS passcodes, then an SMS message with 5 passcodes is sent. If the user realizes after using 3 of those passcodes that he/she is running low and asks for additional passcodes, those remaining two from the original message are no longer valid. They must use passcodes from the new list. Accessibility Are there any accessible options available? Some accessibility problems can be addressed by the phone itself; however, if someone has an accessibility problem that cannot be resolved by using the service with a phone, then there are accessibility options available. Please contact Identity Services for more information. Enrollment Process What are the enrollment options? There are three enrollment options: inline self-enrollment, self-enrollment invitations, and manual enrollment. 3/13

What is inline self-enrollment? This is when an individual who is going to use a smartphone for the service completes the enrollment process by using one of the applications that supports self-enrollment. Make sure to follow the process completely in order to successfully enroll. See the How to Enroll in Two-Factor Authentication page for information on self-enrolling. What is the self-enrollment invitation process? This is when an email is sent to you in order to start the enrollment process. Follow the directions in the email to complete enrollment. Make sure to follow the process completely in order to successfully enroll. What is manual enrollment? Manual enrollment is when a user shares enrollment information with a Two- Factor Authentication service administrator who completes the enrollment process and then notifies the subscriber by email when the process has been completed. This is typically only done for a hardware token. What do I enter for a mobile phone that s not a smartphone when I m enrolling for the service? Whenever you re using a cell phone that s not a smartphone, select mobile as type and then unknown under platform. Troubleshooting I m trying to log into my Duo two-factor authentication service on my phone, but it tells me I can t. What should I do? Before attempting to troubleshoot any second-factor problem, make sure that the first-factor authentication (CaneID and password) is correct. If this is the first time that you ve used the service on this particular phone, then make sure that the enrollment process has been completed and then try again. If you ve used the service on this phone before and cannot login, then make sure that phone is not locked. If it is locked, then unlock the phone and start the mobile app (if on a smartphone) and try again. Make sure that you re using the correct mobile device. If you re using a new device (even if you have the same phone number), then reactivate the Duo Mobile app for the new device. (If you re changing types of phone, such as going from an Android to an iphone, then select the new type of phone before reactivating.) If the service is still not working, then contact the UMIT Service Desk. Why have I have stopped receiving push notifications on Duo Mobile? If you have stopped receiving push notifications, then check for network between your phone and Duo service. If there is not a network problem, then request a re-activation of the service from the UMIT Service Desk. I have a Windows tablet, but it does not seem to be compatible with Duo two-factor authentication. What should I do? Certain Windows platforms are not supported by Duo Mobile, so they will not work with two-factor authentication. Specifically, those with a full Windows operating system are not supported. Those with a mobile operating system, such as Windows Phone or Windows Mobile, are supported (and will work for two-factor authentication). 4/13

If the Windows platform on your device does not have an App store and is not supported, then there are a number of other device options available to enroll. Shibboleth SSO Enabled Services which Require Duo Two- Factor Authentication SERVICE PROVIDER AlcoholEdu ALEKS ALEKS with invalid class code BlackBaud Blackboard Web Box Cambridge Journals Online CampusLabs (Student Voice LLC ) Canelink CITI CMS (Cascade) Collaboration Wiki Spaces at Internet2 Collegenet CoursEval Courseware Stanford Daptiv DMP Tool (Univ of California - Office of the President) ECRT Prod EduCause Gartner GoAbroad Google Apps GradesFirst Handshake HathiTrust HBO 2 GO/CampusNow Hodes IQ Hyland (Shib) ILABS IMLeagues InCommon Federation Manager Internet2 Kaltura Kivuto Kronos Kuali 5/13

Laureate/SalesForce (in progress) Laureate Blackboard LeepFrog Library Subject Plus Lynda.com Maxient MSIT Federation Service (Microsoft) myum OBIEE OIM (caneid self-help) Orbis Org Sync Panopto Parking Proquest LLC Qualtrics REDCap REDCap UDavis SalesForce.com CRM Service Now Shibboleth Wiki Skillport SSERCA Sympa Tapingo Thomson Reuters IP and Science Tidemark Ulearn / Cornerstone UNIDays UnitedWay Uride Workday 6/13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information