MFA - FAQ
What is Duo Mobile?
- Duo Mobile is a mobile application (app) that you install on your smartphone or tablet to generate passcodes for login or receive push notifications for easy, one-tap authentication on your mobile device. It works with Duo Security’s Multi Factor Authentication (MFA) service to make your logins more secure.
Why is my password not enough?
- Passwords are increasingly easy to compromise. They can often be stolen, guessed, hacked,
you could be locked out of your account or someone stealing your information without your knowladge.
- With MFA, you'll be alerted right away (on your phone) if someone is trying to log in as you and be able to block and report it.
What is the recommended Multi Factor Authentication method?
- If you have a smartphone or tablet, we recommend Duo Push. It is quick, easy-to-use, and secure.
See an introduction to Duo Security and a demonstration of Duo Push in this Short Video: https://www.youtube.com/watch?v=_T_sJXnSM98
What other options are there for authenticating with Duo?
- Landline phone call
- Cell phone phone call
- YubiKey (requires Supervisor or higher signature). Reach out to firstname.lastname@example.org to request this option
How do I replace or reprogram a hardware token?
- Lost or stolen tokens can be replaced by the employee's department at a cost of approximately $40.
- Employees should report a lost or stolen token via
- or by reporting it to the IT Department Service Desk.
- Defective tokens will be replaced by the IT Department.
- Return the defective token to avoid incurring a replacement charge. Please submit a request by visiting an the IT Department Service Desk.
- Tokens can be retired when an employee leaves the University. Please return the token to an the IT Department Service Desk or your department administrator.
- Duo hardware tokens can be reprogrammed for use by a new/different employee.
Can DUO see my password
- No. Your password is only verified by your organization and never sent to Duo. Duo provides only the second factor, using your enrolled device to verify it’s actually you who is logging in.
Does using Duo give up control of my smartphone?
- No. The Duo Mobile app has no access to change settings or remotely wipe your phone.
- Duo Mobile verifiers the security of your device, such as OS version, device encryption status, screen lock, etc.
How often will I be prompted for Duo authentication?
- Global Protect VPN – Every time you sign on, regardless of how many times a day you connect.
- Microsoft Cloud Services – once every 21 days for each service.
How much data does a Duo Push request use?
- Duo Push authentication requests require a minimal amount of data -- less than 2KB per authentication. For example, you would only consume 1 megabyte (MB) of data if you were to authenticate 500 times in a given month.
Why have I stopped receiving push notifications from Duo Mobile?
- There are several reasons this could be happening. Please try the following to troubleshoot:
1. Make sure your enrolled device has a cellular network or WiFi connection.
2. Have the Duo Mobile app open when you authenticate.
3. Try these additional push troubleshooting steps:
I've switched devices and/or need to reactivate DUO mobile. How do I do this?
- If you get a new phone, or if you’ve re-installed the Duo Mobile app, you'll need to re-activate Duo Mobile. You may enrol your new device yourself using the device management portal.
- You will need to log in using a MFA device already configured to your account. If the device you are replacing is your only MFA device and you no longer have access to it, submit a ticket to WHD for help adding your new device."
Can I have DUO/MFA on multiple devices?
- Yes, you can configure several devices on your Duo account via the device management portal. As well, multiple devices of the same type can be added.
What are the mobile device requirements for using DUO?
- Android: the current version of Duo Mobile supports Android 7.0 and greater. Duo recommends upgrading to the most recent version of Android available for your device.
- We cannot ensure compatibility of Duo Mobile with custom variants or distributions of Android. iPhone: The current version of Duo Mobile supports iOS 12.0 and greater.
- Support for older Duo Mobile versions ended February 1, 2021
What happens if I lose my phone or hardware token?
- Devices can be added or removed in the device management portal. If you are unable to log in to the device management portal at all, contact the IT Service Desk to have the lost device disabled, and to have an alternate added. You may choose to purchase a token to have as back up should you not have access to your phone.
What TRU resources are protected with Duo?
- Global Protect VPN
- Microsoft Outlook
- Microsoft OneDrive
- Microsoft TeamsN
- Microsoft SharePoint Online
How do I connect to the VPN using MFA?
- Follow the steps outlined in the Duo MFA and the VPN knowledge base support article.
I want to implement MFA, what should I do?
- Please visit the https://www.tru.ca/its/infosecurity/mfa/how_to_enroll_in_duo.html
on the IT website,
or send email@example.com an email for more information.
Where can I find DUO's Privacy and Security information?
- Please Visit
https://help.duo.com/s/article/4683?language=en_US to read more about DUO's Privacy and Security information