Skip to main content

Using Duo Multi-Factor Authentication

Duo MFA Changes Coming on July 10

SMS Text Message Passcode and Phone Call Users Should Act Now 

Northwestern IT is enhancing security with a Multi-factor Authentication (MFA) Enhancement project. Starting July 10, 2024, Verified Push WILL REPLACE SMS Text Message and Phone Call verification options in DUO Mobile. Users will need to enter a six-digit numeric code in the DUO Mobile app for authentication. 

Verified Push

What is Verified Push?

Verified Push introduces a new verification code solution for Duo Push. It provides additional security against push harassment and fatigue by requiring users to enter a six-digit numeric code in the DUO Mobile app on your authentication device. This change in method ensures you cannot accidentally approve login requests.

Example of Duo MFA Verified Push

Step 1: Register a device for the first time

  1. On your computer, navigate to any Duo MFA login page (i.e. CAESAR for students, myHR for faculty/staff), and log in with your NetID and password.
  2. You will see a message, “Welcome to Duo Security”, click Get startedNote that once you start the registration process, you cannot stop!
  3. Select the type of device you would like to set up. Then, follow the on-screen instructions to configure your device to accept authentication prompts.

Step 2: Activating Verified Push

**You must register for Duo before activating Duo Mobile. To set up Duo Mobile, please use a separate computer to scan the QR code provided during the setup process.

If you are able to authenticate using an already registered device, please try the following steps:  

Verify your identity

  1. Download the Duo Mobile app from the App Store or Google Play 
  2. Ensure you have a registered device: Make sure you have a device that you’ve already registered. If it’s a cell phone, ensure it has adequate coverage or is connected to a wireless network. 
  3. On a different computer, navigate to any Duo MFA login page, such as CAESAR for students, myHR or Outlook Web Application for faculty and staff using a private or incognito browser window.  
  4. Choose “Other options” in the DUO Authentication prompt. 
  5. Click “Manage devices”: You’ll be directed to authenticate with a registered Duo device. If you don’t have a functioning registered Duo device, contact SPS IT for assistance. 
  6. Select “I have a new phone / I have a new device”: This applies to the device you’re reactivating. 
  7. Open the Duo app and click “Next.” 
  8. Scan the QR code: In the Duo Mobile app, click + Add and then select Use QR code. 

If you don’t want to use the QR code, complete steps 1-7. 

  1. Click “Get an activation link”. 
  2. Enter your preferred email address and click “Send Email”. 
  3. Open the activation email on the device you’re activating and click the provided link to activate Duo Mobile. 

Photo Instructions for Activating Verified Push/Duo Mobile

  6. Scan QR code, or follow directions below. Open activation link on the device you are activating Duo Mobile on.
  12. Added to Duo Mobile

Departmental Duo Access

In a shared account with shared credentials multiple users access the account with the same login information. This is not recommended, and it is more complicated. In this scenario, there are several options for satisfying Duo MFA requirements. 

  1. Transition to Full Send As Rights

    This is the preferred option for accessing shared resources. For mailboxes, contact SPS-IT with the mailbox NetID and email address as well as the full name and NetID of individual users that need access to the mailbox.

  2. Add multiple devices to Duo

    Once multi-factor authentication has been applied to the shared account, each user accessing the mailbox via the shared credentials will need to have their device added to Duo for this account. See below for specific instructions on managing this process.  

Configuring Multiple Devices in Duo for Shared Accounts

Once multi-factor authentication has been applied to the shared account, the first person to use the account would go through the Duo registration process and add a phone number, device, etc. 

Subsequent users needing to access the account with the same credentials, would need to coordinate with the first user to have an additional phone number or device added to Duo (currently limited to 100 devices). This is done by choosing “Other options” from the Duo Push pop-up: 

Verify your identity

  1. Choose “Manage devices” from the bottom of the list
  2. Manage Devices option
  3. Choose “Add a device” and adding the device details:
  4. Add a device option
  5. After initial configuration of each users’ device details, they would need to be sure to choose their personal device utilizing “Other options” from the Duo push screen and selecting the appropriate device. 

Support Options

Users can direct questions about MFA or switching to the Duo Mobile app to SPS IT via the following methods: 

  • Visit us in person @ Wieboldt Hall, room 614 OR 
  • Call us at: 312-503-3333, OR 

Last Updated

Last updated on: June 17, 2024