March 2020 update: Working From Home
If your office landline is the only device that is set up for Duo 2F, and your office line is not forwarded to your personal phone number while you are working from home, you will need to request a bypass code from the ITS Help Desk at 315.443.2677.
You are strongly encouraged to use the bypass code to add a 2nd device, preferably the Duo Mobile App on your cell phone. You can also set up any personal device, e.g. home landline, cell phone, tablet, etc. The bypass code can be used with the Add a New Device menu option on the login page for Financials/Supply Chain. See Use a Bypass code to add another two-factor device for more information.
What is Duo Two-Factor Authentication?
Two-factor authentication (2FA) helps ensure that no one besides you can access your account. It adds a second level of security to the authentication or login process. 2FA is commonly referred to as “Something you have and something you know” as you need to “have” your smartphone, landline, or cellphone with you and “know” your standard username and password. A user must provide the correct password and also confirm (via an app on a smartphone, receiving a phone call, text message, etc.) that they are who they say they are before being granted access. You may have worked with something like this before if you do any online banking - as many banking websites now send you a text or make a call to verify your identity in addition to requiring a password.
Why is SU Using Duo Two-Factor Authentication?
SU is improving security to help prevent account theft and theft of personal information. Having only a password between the user and critical data is no longer enough. Currently, 2FA is being applied to the PeopleSoft Financials system, but plans include 2FA being used for all confidential and sensitive system access on campus. For these systems, SU will begin requiring the use of a "second factor" in addition to your NetID password during the login process. Users will use something called "Duo" to authenticate. You will use an app on your smartphone, or receive a text on your regular cellphone, or get a call on a landline as the "second factor" to allow you into the system. You will register these numbers ahead of time, and no one will be able to log into your account unless they can also use your device (Smartphone, Cellphone, Landline) at the same time. This makes it very difficult for someone you don't know to gain access to your account - even if they somehow know your password.
Have Questions about How Duo Two-Factor Authentication Works at SU?
DUO Two-Factor FAQs (login required)