Protecting Your Online Accounts with Two-Factor Authentication
Two-Factor Authentication at Syracuse University
Syracuse University currently uses two versions of two-factor authentication, DUO for the Delegated Management Console (DMC) and MySlice financial applications and Microsoft Two-Factor Authentication for some users Office 365 applications. Refer to the DUO and Microsoft support pages for further assistance regarding Syracuse University specific resources and configurations.
About Two-Factor Authentication
Many websites and online services offer two-factor authentication (2FA), also referred to as multi-factor authentication (MFA), two-step authentication, or 'added security verification'. 2FA is an added security feature that helps protect users’ accounts and confidential information. 2FA makes it more difficult for unauthorized users to gain access by strengthening the sign-in process with the addition of an extra verification of identity, in addition to username and password. 2FA adds another step by requiring the user to submit something unique and additional that only they would have, before access to the account is granted. In addition to something you know (your username and PIN, password, or pattern), access would require something you have (e.g., ATM card swipe, or one-time code (generated by an app on your smartphone or texted to your phone), or something you are (fingerprint or voice).
Currently, most online services that offer 2FA use a one-time code. We strongly recommend that you use 2FA for your online accounts, especially the critical ones (i.e. financial accounts). You should always read the backup options of 2FA for any service in the event of losing or having to reset your smartphone or account.
Traveling with Two-Factor Authentication
If you are traveling and plan to use applications or accounts that require two-factor authentication, be sure to have a way to authenticate your login and configure authentication methods prior to traveling. Note that if use call or text for authentication, your mobile device will often require service at your destination(s). Additionally, if you use an office phone method (if available), an alternative method will be required while traveling. Many, not all, mobile app methods do not require an internet connection. Check with the mobile application support staff before traveling.
Enabling Two-Factor Authentication in Third Party Applications
The table below is a list of popular websites that use 2-Factor Authentication, the term they use for it and some information on how to access it. If you find a popular website that offers 2FA that is not on our list, please email us the website at firstname.lastname@example.org.
Term Used for 2-Factor Authentication
How to Find/Turn On "2-Factor Authentication"
Go to aws.amazon.com
Two-Step Verification/Login Verification
Account Settings → Security Tab → Login Verification
Settings → Security → Two-Step Verification
Settings → Security Summary → Two-Step Verification
Settings → Security
Launch URL → Get Started → Sign In → 2-Step Verification Settings
|Google.com||Security Key (Universal 2nd Factor)||Physical USB-based 2FA component → Go to Google 2-Step Verification Settings → Must have FIDO Universal 2nd Factor (U2F)|
|Two-Factor Authentication||Settings → Two-Factor Authentication → Require Security Code|
Go to appleid.apple.com → Manage Apple ID and Sign In → Password and Security → Two-Step Verification
Help Desk → Multifactor Authentication Options → Select the applicable Authenticator option
LinkedIn Support → Turning Two-Step Verification On and Off
Microsoft Two-Factor Authentication (2FA)
Office Support → Multi-Step Verification
Syracuse University specific support and information found
PayPal → Security Key
"Getting Started with login verification" or Twitter Help Center
|Venmo||Multifactor Authentication||Settings → Security → Touch ID & PIN|
Support → Search "Two Step Authentication"
Second Sign-In Verification
Google 2-Step Verification
For another, more detailed list of websites and whether or not they support two-factor authentication, visit https://twofactorauth.org/.