- Overview
- Get Started With Duo 2FA
- Frequently Asked Questions
- Instructional Videos
- General Issues and Troubleshooting
Advisory: On October 17th 2024, UIT will be upgrading the current Duo 2FA service with an additional layer of security. For more information on the new security enhancements, please visit the links below:
Overview
2FA is required for all active student, staff, faculty, sponsored affiliates accounts and retirees to promote a safer online environment and to help safeguard York and the community's information security and privacy. This is particularly important during the pandemic and resultant remote working/learning, which has seen a dramatic increase in cyber-criminal activity and risk.
- When you first setup Duo 2FA, we recommend you enroll using the Duo Mobile App as your primary authentication factor. Please do not enroll using Touch ID, Android Biometrics, or Windows Hello. These factors can be used as supplementary authenticators once initial enrolment is complete. For more information, please read this FAQ.
- Duo and Touch ID can only be used for web-based logins and will only work in Google Chrome 70 or later.
- Enable the 30-day "Remember Me" option by checking the box at login time to reduce how often 2FA is required on a particular trusted device.
- If you have multiple accounts and want to use the same authentication device, please read this FAQ.
What is 2FA?
Two-factor, two-step, or multi-factor authentication (MFA) is a security process that requires you to use two different authentication factors (methods) to verify your login. Think of your first factor as the lock on the front door of your house and the second factor as the door's deadbolt. The first factor is your Passport York password, and the second factor is a push notification, a code or call sent to your cellphone or a physical security key inserted into your computer. Two-factor authentication is the most effective way of protecting both your credentials and the resources you access with those credentials. With two-factor authentication, you can ensure that all your data remains safe, even if your password is compromised.
Why Do I Need This?
Two-Factor authentication adds an additional layer of protection to your accounts and the data you access through them. The easiest way for malicious hackers and phishers to access York's systems and data is by hijacking your account. With two-factor authentication, you are protecting yourself and your community against these sorts of attacks and ensuring each link in our security chain is strong.
How Does It Work?
- Enter your Passport York username and password
- Use one of the Duo Supported Devices to verify your identity
- You are securely logged in
When will I be prompted to authenticate with 2FA?
After you complete your 2FA Setup, you will be prompted to authenticate with 2FA every time you log in to Passport York web services and Office 365.
When will 2FA be activated?
Active Staff, Faculty and Students have been activated for 2FA as of April 2021.
New Students, Staff and Faculty members are activated on a daily basis.
Duo Mobile Compatible Devices
To use Duo Mobile, you will need either an Android or iOS device. The Mobile App with Android Version 10.0 and above, as well as, iOS 14.0 and above.
Helpful Resources
Download the Duo Mobile App for Android (version 10.0+) and iOS (version 14.0+)
UIT recommends enrolling for Duo 2FA using the Duo Mobile app on your smartphone for ease of use and best experience. Please do not enroll using Touch ID, Android Biometrics, or Windows Hello. These factors can be used as supplementary authenticators once initial enrolment is complete. If you don't have a smartphone, you can order your Duo hardware token at the YorkU Bookstore. When completing your Duo token order, please use your York University email address.
Once two-factor authentication is activated for your account, you have 14 business days to complete your setup. If you've ordered a duo token, your grace period will be extended to 30 days.
To begin, please choose one of the instructions below.
- Who is required to use two-factor authentication (2FA)?
- Are there any location-based restrictions for Duo Service?
- What kind of authentication factor/device should I use for my initial Duo enrollment?
- Can I install the Duo Mobile app on multiple devices?
- Can I use my Android, iOS mail client after completing my Duo setup?
- Can I use Google Authenticator or other authenticators with Duo 2FA?
- Duo Mobile Privacy Information
- How do I enable the Duo Push notification to my default mobile device?
- How do I set up Duo 2FA with Device Biometrics?
- How do I log in using the Passcode via text message method?
- How do I Connect to Pulse Secure VPN with Duo 2FA?
- How to add a new device?
- How to download and install the Duo Mobile app?
- How to use the Duo Mobile app?
- I am both a student and a new York employee (Work/Study, TA, RA, etc.). Can I use the same 2FA device for both accounts?
- I cannot log in with Touch ID.
- I cannot log in to VPN due to invalid password.
- I have multiple York accounts. Can I use the same 2FA device for them?
- I switched/upgraded my phone and the Duo Mobile app does not work.
- Is there a monthly fee for using Duo 2FA?
- Remember Me Feature
- What are the elected Duo 2FA authentication methods of validating logins?
- What if I don't have a smartphone?
- What is a Duo hardware token? How do I get one or get it replaced?
- What happens if I lose my phone?
- Which second factor is the most secure?
- What are the 2FA options if my smartphone is not compatible with Duo Mobile?
An Introduction to Duo Security
Authenticate with Duo Mobile (Android)
Authenticate with Duo Mobile (iPhone)
Authenticate with Duo Hardware Tokens
Authenticate with Mobile Passcodes
Authenticate with By-pass Codes
Authenticate with U2F
How to Enroll and Use Touch ID with Duo
