FAQs about Duo Two-Factor Authentication

What is two-factor authentication?

 

Two-factor authentication adds a second layer of security to your online accounts. Verifying your identity using a second factor (like your phone or other mobile device) prevents anyone but you from logging in to your account, even if they know your password.

 

Wayne State University is working with a company called Duo Security for our two-factor authentication solution for employees and faculty. The service features:

 

  • One-click authentication from your mobile device via a free app.
  • Offline authentication available when needed.
  • SMS, landline and non-phone methods available if necessary.

 

At this point, we do not offer two-factor authentication to students.

 

Why is two-factor authentication needed?

 

With the number of stolen passwords and hacking attempts on the rise, it is important to ensure the safety and security of WSU data. By using two-factor authentication, we can ensure that critical university systems are only accessed by authorized users.

 

Who can use two-factor authentication?

 

Any employee that is logging in to a protected service may use two-factor authentication.

 

Which services are protected using two-factor authentication?

 

The Wayne State VPN and Self Service Banner (pay stubs, tax forms, direct deposit, etc.) are currently configured for two-factor authentication. You will only need to enroll yourself once to take advantage of two-factor authentication, no matter which service or website you access securely.

 

Do I need any special equipment in order to enroll or use two-factor authentication?

 

WSU and Duo Security's two-factor system uses something most of us already have -- a smartphone or tablet. These are the best choice since it provides the greatest level of security. It allows you to use the Duo Mobile app, letting you receive push notifications for easy, one-tap authentication.

 

Is the Duo Mobile app safe to download and use?

 

Yes, it is safe to download the Duo Mobile app from the Apple App Store, the Google Play Store or the Windows store.

 

How do I enroll?

To setup two-factor authentication for the first time, log in to Academica and click the Settings icon. Then, click Account Management and select Two-Factor Authentication. Then, follow the on-screen prompts.

 

After I enroll, what happens when I try to log in to a protected service?

 

When you try to access a service which is protected by two-factor authentication, you will first be required to type in your AccessID and password like usual. Once that is complete, the system will then prompt you for your second method to verify your identity, which typically is your smartphone or tablet. Your device will automatically get a notification confirming that you wish to log in. Once you approve the notification on your device, the protected system will automatically continue and log you in without any further intervention.

 

Is there a guide that can help show me how the two-factor process works?

 

Yes. You may visit guide.duosecurity.com to see examples and screenshots of the process in action.

 

Can I add more registered devices or change my current ones?

 

At the Duo prompt, you may click on the My Settings and Devices link. Duo will authenticate using your existing device, after which you may add additional methods by clicking on Add another device near the bottom, or modify/delete their existing devices by clicking Device Options next to any particular device.

 

You may also manage your devices via Account Management in Academica. Learn more at kb.wayne.edu/238839.

 

What is happening to my data and password?

 

Your protected data and your password are never transmitted to the Duo two-factor system; only your username is transmitted to facilitate the two-factor authentication process.

 

Does the Duo Mobile application use up any cellular data?

 

If your device is not attached to a Wi-Fi network like WSU-SECURE, you may use a small amount of data from your cellular plan.

 

What happens if I can't use my data service on my smartphone?

 

The Duo Mobile app can work without using the push notifications. Once enrolled, you may open up the Duo Mobile app and tap Wayne State University. A 6-digit code will be displayed. You may then use the passcode by typing it into the authentication screen.

 

What if I have unreliable or terrible cell service?

 

Same thing regarding the Duo Mobile app -- it does not require data service. You can just tap Wayne State University and put in the 6-digit code into the authentication screen.

 

What if I do not have a smartphone?

 

If you do not have a smartphone or tablet, please contact the C&IT Help Desk at 313-577-4357.

 

What if I lose my phone or mobile device?

 

Contact the C&IT Help Desk immediately to disassociate your lost device from your account. They can then assist you in re-associating your account to a new mobile device.

 

What if I need to log in for an emergency and I don't have my registered phone with me?

 

Contact the C&IT Help Desk for exceptional situations in which you need to log in but do not have any registered devices with you.

 

Are there options for people without any kind of phone?

 

Other options are available on an exception basis in rare cases where a phone is not available or appropriate. Please contact the C&IT Help Desk for more information.

 

Users also have the option to purchase a USB authentication key from the C&IT Help Desk. Learn more at kb.wayne.edu/250848.

 

What do I do if I have additional questions?

 

Please contact the C&IT Help Desk for any questions or issues you have with the service.

 

Can I use the campus Duo two-factor service to secure a system I am managing?

 

Yes. Please contact a member of the Information Security Office to discuss how the Duo two-factor service can be integrated into your system.