Information Technology

How do I enroll in Duo Security?

Getting started with Duo – Enrolling in Duo Mobile & using Duo Push


 

  1. When you are off campus, sign into myMarist or the web version of O365 (myMail), the Duo Security welcome screen will display
  2. Click Start setup
  3. Choose which type of Duo you are adding as your second factor of authentication, then click Continue
  4. Select your country and type your phone number, then click Continue
  5. Choose your Duo’s operating system and click Continue
  6. Install the Duo Mobile application. After installing the app, click I have Duo Mobile Installed
    1. Launch the App Store app and search for “Duo Mobile”
    2. Tap “Get” and then “Install” to download the app
  7. Activate Duo Mobile by scanning the barcode/ QR code with the app’s built-in barcode scanner, then click Continue
  8. Make sure the Duo chosen is the one you’ll use most often, and then we recommend changing the When I log in option to “Automatically send this Duo a Duo Push,” the click Continue to Login
  9. Your Duo is now ready to approve Duo push authentication requests. Click Send me a Push to give it a try. All you need to do is tap Approve on the Duo login request received at your phone.

More enrollment information can be found here: https://guide.duo.com/enrollment

Backup & Restore of DUO

How do I download Duo Mobile?

Launch the App Store app on your mobile Duo and search for “Duo Mobile.” Tap “Get” and then “Install” to download the app.

What is Duo Security?

Duo Security is a company that provides a cloud-based software service that utilizes Multi-Factor Authentication to ensure secure access to services and data.

What is Multi-Factor Authentication (MFA)?

Welcome to Duo

MFA provides an additional layer of security to any type of login, requiring extra information or a physical Duo to log in, in addition to your password. By requiring multiple layers of authentication, we can protect user logins from remote attacks that may exploit stolen usernames and passwords. Verifying your identity using MFA prevents anyone but you for logging in, even if they know your password.
 
Why do we need MFA?
 
Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames and passwords.
 
MFA enhances the security of your account by using a secondary Duo to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.
 
How will Duo change my login experience?
 

Two-Factor Authentication with Duo Push

When logging into an application that is protected by Duo (Marist public-facing websites – myMarist, O365) from on-campus, login experience will not change. When logging into an application that is protected by Duo from off-campus, you will need to complete a method of multi/two-factor authentication. You will still enter your Marist username and password, and then select a method for you to receive that second factor of authentication (i.e. Push Notification or Passcode). Once you approve the push notification or type in the passcode you can access the service.

 

Duo Push Notification:

 

Hardware Token Passcode:

 

If I am off-campus and signed into the Marist VPN (virtual private network), will my login experience change?

If you are off-campus and signing into the Marist VPN, you enter your Marist Account and password, use your Duo app for your second factor, and will then be single signed into the other public-facing systems you typically use at Marist.

How does Duo Security work?

  1. Enter username and password as usual
  2. Use your phone to verify your identity
  3. Securely logged in

Once you’ve enrolled in Duo, you’re ready to go. You’ll login as usual with your username and password, and then use your Duo to verify that it’s you.

What devices are supported?

iOS, Android, Windows Phone, and Hardware Token

What if I don’t have a mobile phone?

You can also use a tablet or you may purchase a hardware token at the Computer Store.

How can I purchase a hardware token?

Contact the Computer Store at compstore@marist.edu to purchase a hardware token.

What is Duo Mobile and Duo Push? Why are these two authentication methods recommended?

Duo Mobile is Duo Security’s free app that allows you to quickly and easily approve a second-factor authentication request using Duo Push. With Duo Mobile and Duo Push, there is no need to carry a bulky token or waste time manually entering passcodes. Just tap to authenticate right on your smartphone.

More information about Duo Mobile: Duo Mobile App - Duo Security

More information about Duo Push: Duo Push Demonstration

How does the hardware token work?

When you authenticate using a hardware token, click the Enter a Passcode button. Press the button on your hardware token to generate a new passcode, type it into the space provided, and click Log In.  You can also watch this brief video on how to Authenticate with Hardware Tokens.

Click here for more information: Using Duo With a Hardware Token

Who can I contact for technical support?

Please contact the Marist Help Desk for any technical support needs:

845-575-4357

helpdesk@marist.edu

How much data does a Duo Push use?

Almost none. 500 pushes to your Duo will use 1 MB of data in total. This is roughly equivalent to loading one webpage on your smartphone.

Does installing the Duo Mobile app give up control of my phone?

No. Duo Mobile has no access to change settings on your phone. Duo Mobile cannot read your emails, it cannot see your browser history, and it requires your permission to send you a notification. Lastly, Duo Mobile cannot remotely wipe your phone. The visibility Duo Mobile requires is to verify the security of your Duo, such as OS version, Duo encryption status, screen lock, etc. We use this to help recommend security improvements to your Duo and you are in control of whether or not you take action on these recommendations.

Why does the Duo Mobile app need to access my camera?

Duo Mobile only accesses your camera to scan a QR code during activation. Alternatively, you can click Send me an activation email. You can then continue your enrollment through this link.