Two-factor authentication (2FA) adds a second layer of security to your online accounts. Verifying your identity using a second factor (like your phone or other mobile device) prevents anyone but you from logging in, even if they know your password. The University of Cincinnati utilizes Duo Security for two-factor authentication.
How It Works
- Enter username and password as usual
- Use your phone to verify your identity
- Securely logged in
You will login as usual with your username and password, and then use your device to verify that it is in fact you. Login approvals can be delivered via a smartphone app push notification, SMS, one-time passcode, or voice call.
Why Is Two-Factor Authentication Needed?
Passwords are becoming easier and easier to compromise. They can be stolen, guessed, or hacked, and sometimes you may not realize that someone is accessing your account.
Duo adds a second layer of security and keeps your account secure even if your password is compromised. If someone is attempting to login as you, Duo will alert you immediately.
This additional form of authentication is completely independent from your username and password. In other words, Duo never sees your password.
Current and Upcoming Enterprise Systems Utilizing Duo
- Office 365 - June 2019
- Catalyst - June 2019
- Canvas - Coming soon
- Pace - Coming soon
For participant self-enrollment information, please refer to the video and guides below.
Frequently Asked Questions (FAQs) Expand
I'm Enrolled, how do I setup a device for Duo? Expand
The Office of Information Security recommends using the Duo Mobile app as it provides the quickest, most user-friendly experience via a push notification. If unable to add a smartphone or tablet, a landline or basic mobile phone can also be used.
The following links will guide you through adding your device to Duo:
Can I have more than one device for Duo? Expand
Yes. The Office of Information Security recommends adding a second device as a backup for your Duo two-factor authentication.
What if I forget my device for Duo? Expand
In the event that you do not have access to your Duo two-factor device or a backup device, contact the IT@UC Service Desk at (513) 556-HELP (4357) or toll free at (866) 397-3382.
Do I have to use Duo every time I login? Expand
No. Applications that utilize Duo require authentication for every log in. By default, this will include both username and password as well as Duo two-factor. For your convenience and in alignment with industry standards, the Office of Information Security recommends using the “Remember me” option for Duo.
When the “Remember me” box is checked, you will not be prompted for Duo two-factor authentication for 30 days to 180 days as long as you are logging in on the same computer and browser. The length of time for the "Remember me" function depends on the application. If you need to use another computer or browser to log in, the “Remember me” box will need to be checked again.
If your Duo two-factor method has been set to automatic (you do not see “Remember me” at the bottom of the Duo prompt on your computer), you will have to push “Cancel” to enable the “Remember me” option. Once you have checked the box, select an authentication method, and finish signing in.