Two-factor Authentication FAQ

Are support options available from Duo?

For many common questions about the Duo application and authentication methods, Duo maintains excellent support documentation. Please review their documentation for application specific assistance.

Who is required to use Duo two-factor authentication?

If you've opted in, then you will be required to use two-factor for all web logins that use your netID.  If you've not opted in, you may still be required to use two-factor if you're accessing systems that potentially contain sensitive data.

I lost or forgot my two-factor device.  Now what?

If you have an additional device enrolled, use it to login.  Otherwise, call the IT Central Help Desk at (406) 243-4357 to receive a temporary passcode and to receive assistance in enrolling another device after verbally verifying your identity.

Who is eligible for two-factor authentication?

All employees and students are eligible to use two-factor authentication. 

Why do I need two-factor authentication?

It has become increasingly easy to compromise passwords. They can often be stolen, guessed, or hacked, and you may not even realize your password has been compromised. With two-factor authentication protected services, a compromised password won’t mean a compromised account.

Is the Duo Mobile smartphone app free?

Yes.

How long does it take to enroll and register a device for two-factor authentication?

The enrollment process should take no longer than 5 to 10 minutes for first-time users. If you are planning on using the free Duo Mobile application, we suggest you install that on your smartphone or tablet now so that enrollment will be simpler.

How do I get the Duo Mobile app on my phone?

Android: Launch the Play Store app and search for “Duo Mobile”. Choose the Duo Mobile app from Duo Security, Inc., (not Google Duo). Download and install the application.

iOS: Launch the App Store app and search for “Duo Mobile”. Choose the Duo Mobile app from Duo Security, Inc. (not Google Duo.) Download and install the application.

Other smartphone platforms: Search for “Duo Mobile” from Duo Security, Inc. in your device’s application store.

Why does Duo Mobile ask for permission to use my camera?

Duo Mobile only​ needs permission to use your camera when you set up your smartphone or tablet. It only uses your camera to scan the Quick Response (QR) code used for activation. After activation, Duo Mobile doesn’t access your camera. You can remove this permission and Duo Mobile will work fine.

What is a “passcode”?

A passcode is a code that can be generated from the Duo Mobile app or a hardware token. You may also get a ‘bypass code’ from UM IT Central that will be a passcode you can use to sign in to the Duo authentication prompt. To sign in with a passcode, simply type the code you were given from the device or UM IT Central into the ‘Enter a passcode’ or ‘Enter a bypass code’ prompt when you need to sign in with Duo.

How do I generate a passcode using the Duo Mobile application?

A passcode can be generated on the Duo Mobile application by pressing the ‘key’ symbol next to ‘University of Montana’ inside the Duo Mobile application. You should then be shown a set of numbers which can be used to sign in at the Duo authentication prompt. You can generate a passcode with the Duo Mobile application even if your phone is not connected to the internet and generating a passcode with the app doesn’t utilize any data or minutes on your cell phone plan.

Can more than one person enroll the same landline?

Yes, more than one person can set up and use the same landline. 

What should I do if I receive a request to sign in with Duo that I did not initiate?

Do NOT approve Duo Mobile push notifications or Duo phone calls that you didn’t initiate yourself. They may be fraudulent, unauthorized attempts to sign in as you. Only approve 2FA requests you initiate yourself, knowingly and intentionally. 

Can I use my own personal smartphone, tablet, or mobile phone for 2FA?

Yes, definitely. The University values personal choice and recognizes the convenience of using a personal device for 2FA.

Can employees use a personal device for 2FA, even for conducting University business?

Yes, again. Employees can use a personal device for 2FA, even for University business. A personal device enables safe and convenient two-factor authentication to systems used to conduct University business. From a cost and risk perspective, it’s often more effective than other 2FA options (such as landlines and hardware tokens). “Bring your own device” (BYOD) is a common operational model that acknowledges trends in society toward use of personal devices for user authentication.

Does use of my personal device for 2FA result in any data or other records stored on my device that are subject to disclosure as “public records”?

If you use Duo Mobile, there is no data stored on your smartphone or tablet. Period. We recommend use of Duo Mobile because it’s simple and secure, and one of the reasons for this is it creates no records on your personal device.

If  you receive phone callbacks, there is no data on your phone and you can delete the metadata from your phone’s history of recent incoming calls because it’s transitory and the administrative purpose is fulfilled as soon as you’ve completed the call.

In each case, the result is the same: no data related to 2FA on your device that’s subject to disclosure.

Do I need to take any special precautions regarding security of my smartphone, tablet, or mobile phone?

Yes. Using a personal device for 2FA comes with the obligation to take reasonable precaution to protect it. Such precautions normally include the use of a password or a PIN to unlock the phone, as well as maintaining current versions of your phone’s operating system and Duo Mobile.

My browser doesn't remember me. Now what?

The "Remember Me" functionality requires persistent cookies in your browser.  If your browser is not remembering that you checked the "Remember Me" box, then check the cookie settings of your browser.  Chrome's "incognito" setting, Firefox's "private window", and Internet Explorer's/Edge's "InPrivate" settings will affect this behavior and the "Remember Me" feature will not work. Duo Help offers an article with more information on how to configure your browser to accept cookies from Duo.

 

Was this helpful?
0 reviews

Details

Article ID: 60628
Created
Fri 8/17/18 11:07 AM
Modified
Mon 5/11/20 10:58 PM