2-Factor Authentication (2FA) at UD

How do I connect if I don't have my device?

Enrolling in and Using 2FA

Adding, Removing, and Reactivating Devices

Enrolling a New Phone in Your 2FA Account

2FA FAQ
 

NOTE: If this article does not resolve your 2FA problems or questions, contact the IT Service Center at (937) 229-3888 or submit an IT General Help Request.

University of Dayton account holders are required to use 2FA to access protected systems including Porches, UD Gmail, Banner and Isidore.

2-Factor authentication or "2FA" is a security measure that verifies your identity when you log into protected systems. As "2-factor" indicates, you verify your identity with two forms of information:

  • Something you know: your UD password
  • Something you have: your phone or token

2FA technology provides added security to UD data systems in case your password is compromised. University of Dayton account holders are required to use 2FA to access protected systems including Porches, UD Gmail, Banner and Isidore.

Watch this video about UD's 2FA program to learn why 2FA is needed and how 2FA works.


 

How do I connect if I don't have my device?

If you don't have your phone and do not have a secondary device, use one of these options:

Option 1

Visit the IT Service Center for an in-person identity verification to obtain a bypass code.
 

Option 2

Send the IT Service Center, ITservicecenter@udayton.edu, a Zoom link from your personal email. Join them via your computer or other device for identity verification and a bypass code. If your device does not have a camera, you must visit the IT Service Center in person.
 

Enrolling in and Using 2FA

When you arrive at UD, you’ll be prompted to enroll in 2FA. Faculty / staff employees and graduate students will be prompted to enroll the first time they login to their UD computing account. Undergraduate students will be prompted to enroll shortly after starting classes.

After you’ve enrolled, you’ll be prompted to verify your identity when you log in to protected systems. Depending on the device you’ve enrolled, this verification can happen in one or more of the following ways:

  • Duo Push: Push notifications are the easiest and most popular 2FA authentication method. After the Duo Mobile app is installed and active on your smartphone or table, choose the Duo push option to authenticate by tapping on an “approve” button on your phone. Duo Push requires an Internet connection. [Available on smartphones, tablets]
     
  • Passcode: You can authenticate with a passcode from your smartphone, tablet or hardware token, even without an internet connection or cellular service. Tap the green key button in the Duo Mobile app or press the button on your hardware token to display a 6-digit passcode. On the 2FA login page, type the 6 digits into the “Passcode” field and hit “Log In.” [Available on smartphones, tablets, tokens]
     
  • Phone call: Have Duo Security call your phone and follow the simple phone prompts to authenticate. NOTE: This option is not preferred, as each phone call authentication incurs a small fee UD must pay our 2FA vendor. [Available on smartphones, cell phones, landline phones]
     
  • Text passcodes: You can choose the “text passcodes” option at the 2FA screen to send a text message to your phone with five, one-time use passcodes. Each time you need to authenticate, enter one of the 6-digit codes into the passcode field on the 2FA screen. When you have used the 5 passcodes, you can request to receive 5 more. [Available on cell phones]
     

<Return to Top>
 

Adding, Removing, and Reactivating Devices

Access your 2FA settings to add, remove, or reactivate devices or change the behavior of 2FA to automatically call or send a push notification to your device when you’re logging in.

Access 2FA Account Settings

Add a Device

Reactivate or Remove a Device
 

Access 2FA Account Settings

  1. From your browser's tool menu, start a private window (Firefox, Safari) or incognito window (Chrome).
     
  2. Go to porches.udayton.edu and log in with your UD username and password to open the 2FA authentication prompt. STOP!  Do NOT authenticate! You’ll see several options for managing your 2FA account on the left side of the 2FA window, including “Add a new device” and “My Settings & Devices.”
     

Add a Device

Registering an additional mobile phone, tablet, or landline provides a back-up in case your primary 2FA device is unavailable.

  1. From the 2FA Account Settings, select Add a new device.
  2. Complete your 2FA login confirmation.
     
  3. Choose the device you are adding, click Continue, and follow any remaining prompts.
     

Reactivate or Remove a Device

  1. From the 2FA Account Settings, select My Settings & Devices.
     
  2. Complete your 2FA login confirmation.
     
  3. Click the Device Options button next to the device you want to remove.
  4. To reactivate a device, click Reactivate Duo Mobile. You’ll receive a QR code to scan with the Duo app on your new phone.
     
  5. To remove a device, click the trash can icon and click Remove to confirm.
     
  6. When finished, scroll down the My Settings & Devices window and click the Back to Login button to proceed to the authentication prompt and exit.
     

<Return to Top>
 

Enrolling a New Phone in Your 2FA Account

If you get a new phone or new phone number, you may need to reactivate DUO on your device.

2-Factor Authentication (2FA) FAQ

What if I lose my phone or token?

Immediately report lost phones or tokens to the IT Service Center 937-229-3888, itservicecenter@udayton.edu. If you have more than one device registered in the 2FA system, you can delete the lost device from your 2FA account. If the lost device was the only one registered in the 2FA system, the IT Service Center will assist you to unregister the device and register another device. NOTE: You will be charged a fee to replace a lost Duo token.

What if my device has no cell or internet connectivity?

For smartphones/tablets, use the Duo app and select the Duo key icon in the upper right-hand corner of the app to get a passcode. Standard cell-phone users enter one of the passcodes already texted to the phone. Tokens don't require any connectivity.

Sometimes my phone doesn't receive the Duo push notification. What's wrong?

Your phone might be asleep. For best results, wake up your phone before clicking the "Send Me a Push" option.  If that doesn't work, try deactivating your wireless connection before clicking the "Send Me a Push" option. If you still experience issues, contact the IT Service Center.

What if I get a login request from Duo that I didn't expect?

If you get a login request which you did not initiate yourself, do not approve the login request. Press "Deny" in the Duo app. You’ll have the option to report it as fraudulent, or you can tap "It was a mistake" to deny the request without reporting it. For phone calls, press 5 on your phone's keypad to deny the request.

What is a token?

A token is a small "keychain" device that provides temporary 6-digit passcodes assigned to your username. Your passcodes are not usable by anyone else. Tokens can be purchased through the UD Bookstore.

Duo token

Why am I receiving an error message that says “Incorrect passcode. Please try again.” after entering the passcode displayed on my token?

Your token may be out of sync. You can generally resync your token by attempting to log in three consecutive times, entering a new code each time. If this method of resyncing does not work, contact the IT Service Center for assistance.

What information/functions does the Duo app access on my phone?

These are the required permissions for using the Duo app:

  • Camera - take pictures. NOTE: Camera is only needed for enrollment; you can disable camera access after enrollment.
  • Receive data from internet
  • Prevent device from sleeping
  • Control vibration
  • Full network access
  • View network connections
  • Run at startup
     

<Return to Top>

Was this helpful?
34% helpful - 59 reviews

Details

Article ID: 46767
Created
Tue 1/23/18 2:55 PM
Modified
Wed 11/15/23 9:01 AM