Duo Multi-Factor Authentication

Contents

Duo Security is a multi-factor authentication tool used by the University of Vermont to protect sensitive information. Upon logging into a Duo-protected site, you will be required to perform an additional authentication step via Push notification to a smart phone or tablet, SMS text, or phone call.

To use Duo, you must enroll a device to act as your secondary authentication factor.

See our FAQ for answers to common questions about Multi-Factor Authentication at UVM.

Manage your MFA Devices Here

Consider enrolling a second device through UVM's Duo Security, or safely store a set of Offline Codes.

If you have offline codes or a second enrolled device available, you can still log into critical UVM services in cases where your primary device is forgotten, lost, damaged, or when you need to set up a new primary device.

There are five physical devices that you can use to provide the second factor of two-step authentication. Each device has one or more authentication methods available. Expand the toggle below to view all supported devices and authentication methods.

Devices and supported authentication methods

Device Type	Authentication Options	Supported Platforms
Smartphone	Duo Mobile push notification (recommended) Duo Mobile passcode SMS text message (not recommended) Phone call	iOS Android
Tablet	Duo Mobile push notification (recommended) Duo Mobile passcode	iOS Android
Mobile Phone	SMS text message Phone call	Mobile phones with SMS text messaging capability.
Landline	Phone call (not recommended)	All phones
Backup Access (Offline) Codes	Passcode	A printed list of 10 passcodes that can be used when other MFA options are not available.
Hardware Token	Passcode	A YubiKey hardware token provides two-step codes at the push of a button.

Enroll a device in Duo

Add a Smart Phone

Your smartphone needs to be connected to the internet.

On Campus?

Click here for instructions on connecting your phone or tablet to the UVM Wireless Network.
1. Visit https://account.uvm.edu/multifactor and enter your UVM NetID and password, if prompted.
  
  If you’ve previously enrolled a device in Duo, you may receive a prompt asking you to use your currently enrolled MFA device(s) to access this page. If none of your second factor devices are available, please contact the UVM Tech Team.
2. Click Activate/Manage Duo Security.
3. Click Add Device.
4. Select Mobile for the type, choose the appropriate platform, enter your phone number (with area code), enter a nickname for your phone, then click Add Device.
You will receive two sms text messages. The first message contains a link to download and install the Duo app on your device. Follow that link and install the app if you haven’t already installed it.
- If you have not already installed Duo, you can click this link to launch your App Store (iOS) or Google Play store (Android) to install the app.
- Once your device’s App Store (iOS) or Google Play store (Android) has launched, click the “Get” or “Install” button to download and install the Duo Mobile app. The Duo mobile app uses Push notifications. If prompted, you should “Allow Push Notifications” in order to use the Push authentication method.
When the Duo mobile app installation completes, open the second sms text message you’ve received. This message provides a link which will activate your Duo mobile app for use with your UVM account.
- Click the link to activate your Duo mobile app.
- Your phone may ask for your permission to open the Duo mobile app. If prompted, tap the “Open” button. (If you receive a prompt asking whether to open the link in Duo or your web browser, choose Duo.)
You should now have successfully activated your Duo mobile app.

Still not receiving push notifications from Duo Mobile?

Click this link for help troubleshooting Duo Push notifications on Google Android.
Click this link for help troubleshooting Duo Push notifications on Apple iOS.

Add an iPad or Android Tablet

The following steps will guide you through enrolling your iPad or Android tablet in Duo Security for Push and passcode authentication.

Your tablet needs to be connected to the Internet.
On Campus?

Click here for instructions on connecting your phone or tablet to the UVM Wireless Network.
Navigate to your tablet’s App Store (iOS) or Google Play Store (Android). Search for the Duo Mobile app and install it on your device. If prompted, you should Allow Push Notifications. When the app is installed, proceed to step 3.
Visit https://account.uvm.edu/multifactor and enter your UVM NetID and password, if prompted.

If you’ve previously enrolled a device in Duo, you may receive a prompt asking you to use your currently enrolled MFA device(s) to access this page. If none of your second factor devices are available, please contact the UVM Tech Team.
- Click Activate/Manage Duo Security.
- Click Add Device button.
- Select Other/Non-phone as the type, choose the appropriate platform, enter a nickname for your tablet, then click Add Device.
A QR code will appear on the following screen. This code will be used to link your Duo Mobile device with your UVM account.
- In the Duo Mobile app on your tablet, tap the icon in the upper right corner. Tap Allow if Duo Mobile asks for permission to access your camera. The camera is used to scan the QR code.
- Point your tablet’s camera at the QR code to associate your UVM account with the Duo Mobile app.
You should now have successfully activated your Duo mobile app.

Still not receiving push notifications from Duo Mobile?

Click this link for help troubleshooting Duo Push notifications on Google Android.
Click this link for help troubleshooting Duo Push notifications on Apple iOS.

Add a Non-Smart Phone

The following steps will guide you through enrolling your cell phone in Duo Security for SMS authentication.

Visit https://account.uvm.edu/multifactor and enter your UVM NetID and password, if prompted.

If you’ve previously enrolled a device in Duo, you may receive a prompt asking you to use your currently enrolled MFA device(s) to access this page. If none of your second factor devices are available, please contact the UVM Tech Team.
Click Activate/Manage Duo Security.
Click Add Device.
Select Mobile as the type, choose Unknown for platform, enter your phone number (with area code), enter a nickname for your phone, then click Add Device.
Your phone should now have been properly added to the Duo Security system.

Add a Landline or Office Phone

Visit https://account.uvm.edu/multifactor and enter your UVM NetID and password, if prompted.

If you’ve previously enrolled a device in Duo, you may receive a prompt asking you to use your currently enrolled MFA device(s) to access this page. If none of your second factor devices are available, please contact the UVM Tech Team.
Click Activate/Manage Duo Security.
Click Add Device.
Select Landline as the type, enter your phone number (with area code), your phone extension enter a nickname for your phone, then click Add Device.
You must enter a 10 digit phone number including the area code.
That’s it! You’ve successfully enrolled your Landline phone for use with Duo Security.

Generate Backup Access (Offline) Codes

Off-line passcodes are to be used when you need to provide an additional authentication factor but are unable to use other methods.

Visit https://account.uvm.edu/multifactor and enter your UVM NetID and password, if prompted.

If you’ve previously enrolled a device in Duo, you may receive a prompt asking you to use your currently enrolled MFA device(s) to access this page. If none of your second factor devices are available, please contact the UVM Tech Team.
Click Activate/Manage Duo Security.
Click Generate Offline Codes.
Print out this list of codes and keep it in a safe place. You should treat these codes as if they were a $100 bill. Codes must be used in the order they are listed. Once you’ve used a code it will no longer work, cross out any used codes to help keep track of which have been used.

Request a USB YubiKey

A YubiKey is a small device that resembles a USB flash drive, plugged into the computer you are using to access a Duo protected service. Pressing the button on the key provides the second factor to the service allowing you access.

Available By Request

To request a YubiKey, contact Identity and Account Management by emailing iam@uvm.edu or calling (802) 656-2006. Click here for contact information.

There is a $40 one-time-fee to your department for each YubiKey.

Re-Enroll in Duo with a New Device or Number

If your UVM account is already protected by Duo, but you get a new phone or number, you will have to remove and re-add your device in the Duo Security Enrollment page. Because this page is protected by Duo, and you may no longer have your Duo device, this section describes how to proceed through some common scenarios

Did you get a new phone, but still have your old number?

Use the instructions below for Login using Duo SMS text messages or Login using a phone call, then remove your old device and enroll your new device as outlined above.

Do you still have the old phone?

If you still have your old, Duo-enabled device, you can Push to it or use the instructions below for Login with Duo Mobile generated codes, then remove your old device and enroll your new device as outlined above.

Do you have another device enrolled in UVM's Duo Security?

Do you have Backup Access (Offline) Codes?

Use the instructions for Login using Backup Access (Offline) codes found below, then remove your old device and enroll your new device as outlined above.

New phone and number, and no other devices enrolled in UVM's Duo Security?

You will need to contact Identity and Account Management by emailing iam@uvm.edu or calling (802) 656-2006. Click here for contact information.

You will not be able to log into Duo-protected services without a Duo-enrolled device

Please see the sections above for enrolling a device in Duo MFA.

Duo multifactor authentication (MFA) only protects UVM if we’re mindful about which MFA prompts we’re approving. Not expecting that Duo push or call? Don’t approve it!

Enter your UVM NetID and password as normal, then click Login.
Click Push to receive a (no-cost) push notification on your device.
Open the Duo Mobile app on your device, then tap Request Waiting. Tap to Respond… toward the top of the screen.
Tap Approve. You should be logged into the Duo-protected service after a few moments.

Not receiving the push notification?

Please ensure you are connected to a wireless network and have a good wifi signal.

If you do not approve the Duo push notification within 20 seconds, the notification will expire and you will have to re-send the push notificaton.

Enter your UVM NetID and password as normal, then click Login.
In the Duo Mobile app on your smart phone or tablet, tap on University of Vermont to view a six-digit passcode.
Enter the passcode generated by your Duo Mobile app in the Passcode field, then press the Enter key.

Open a web browser and navigate to a UVM web service protected by Duo multi factor authentication. In this example, we’ll be logging into PeopleSoft.

Enter your UVM NetID and password as normal, then click Login.
Click Text. You should only need to click this option once.

Not seeing the Text option

Click the I Can’t Push to this device checkbox to see additional, non-push options.
You will receive an SMS text message with a list of codes.
Not receiving the codes?

If it has been more than a minute and you still have not received a text with your SMS passcodes, please ensure you have good cell service and can otherwise receive text messages.
Avoid clicking the Text option again – this will generate a new set of passcodes, rendering previous passcodes invalid.

Codes can only be used once

You will received 10 SMS passcodes separated by a space. Please keep track of which codes you have used – they can only be used once.
Enter one of the codes into the Passcode field, then press the Enter key.

SMS Code Details

SMS passcodes can only be used once.
You can use SMS passcodes in any order without invalidating other unused codes.
Requesting a new batch of SMS passcodes will invalidate all previous SMS passcodes. Only the most recent passcodes will be usable.

Enter your UVM NetID and password as normal, then click Login.
Click Call under the appropriate device.
Answer the call on your selected device, then approve the login request by pressing any key on the phone’s number pad. You should now be successfully logged in.

Enter your UVM NetID and password as normal, then click Login.
Enter one of your Backup Access Codes in the Passcode field, then hit the Enter key.

Offline Backup Code Details

Offline codes are valid until used once.
You can use your offline codes in any order without invalidating other unused codes.
Requesting a new batch of offline codes will invalidate all previous offline codes. Only the most recent passcodes will be usable.

Don't have a YubiKey

To request a YubiKey, contact Identity and Account Management by emailing iam@uvm.edu or calling (802) 656-2006. Click here for contact information.

There is a $40 one-time-fee to your department for each YubiKey.

Enter your UVM NetID and password as normal, then click Login.
Insert your YubiKey into a USB-port, then touch the brass contact.
Your YubiKey will automatically insert a string of characters which will serve as the second-factor for accessing the Duo protected service you’re logging into. You should then be successfully logged in.

Updated on January 25, 2021

Not the solution you were looking for?

Don’t worry we’re here to help!

Submit a Help Ticket

Devices and supported authentication methods

Enroll a device in Duo

Add a Smart Phone

Add an iPad or Android Tablet

Add a Non-Smart Phone

Add a Landline or Office Phone

Generate Backup Access (Offline) Codes

Request a USB YubiKey

Re-Enroll in Duo with a New Device or Number

Login using Duo MFA Options

Login using Push Notifications

Login with Duo Mobile Generated Codes

Login using Duo SMS Text Messages

Login using a Phone Call

Login using Backup Access (Offline) Codes

Login using a USB YubiKey

Related Articles