UM multi-factor authentication

The range of MFA-protected services is continually expanding. The services that are currently protected with multi-factor authentication include:

• Campus virtual private network (VPN)
• Clockwork
• Concur
• EPIC
• LibCal (Library calendar - Booking tool for booking time with a librarian)
• Lib staffer
• Lumens
• Mailman (Admin)
• Microsoft 365 applications (Teams, OneDrive, Word, Excel, PowerPoint, Forms, Bookings etc.)
• SimCapture (RFHS)
• UM Intranet
• UM Zoom

Remember to keep your software up-to-date by installing the latest security patches and updates.  

According to Duo:

"We test for accessibility in a number of ways. For our visually impaired users, we test our software manually by using both magnification and screen readers, specifically Nonvisual Access’ NVDA screen reader and Apple’s VoiceOver. We also ensure users can successfully authenticate only using a keyboard by testing font colors and backgrounds against contrast checkers and improving contrast for keyboard focus."

From: https://duo.com/docs/accessibility#what-standards-does-duo-use-to-measure-accessibility?

If you have questions or concerns about accessibility or need an accommodation, please contact the IST Service Desk at 204-474-8600.

Read more about Duo's accessibility options:

• What are the keyboard shortcuts in Duo's browser-based authentication and enrollment interfaces?
• How do I enable keyboard accessibility?
• How does Duo test for accessibility?

Yes. Other authentication options include:

Text message

• You can choose to receive a passcode via text message to your mobile phone. This would require a texting plan on your device.

Phone call to a number

• You also have the option of using a landline for authenticating.  However, keep in mind that you would have to change your authentication number if you are away from your landline.  Using your work phone requires either being on campus, call forwarding or a soft phone setup like Jabber.

Other options

• Please contact the IST Service Desk.

Yes. It is available in the Apple App Store and Google Play.

Mobile phones are the most popular choice for multi-factor authentication because of the convenience. Most people seldom go anywhere without one. If using a mobile phone isn’t an option for you, please contact the IST Service Desk to discuss other options or read about the other options available in the "Getting started" section.

General concerns about the use of a mobile phone for your job, should be discussed with your supervisor.

Yes. You won't be able to receive push notifications so when you are logging in choose, Enter a Passcode in the Duo Prompt. Then open your Duo app and select Show under Passcode. It will give you a six-digit code to enter for authentication. You do not need an internet connection or a cellular signal to generate these passcodes.

SIM card with same phone number:
If the Duo app is already installed on your phone and the new SIM card uses the same phone number as the previous SIM card, Duo will work as normal.

SIM card with different phone number:
If you have the Duo app on your phone and change to a SIM card with a different phone number:

1. Push notifications in the app — Changing SIM cards should not have any effect.
2. Text (or call) notifications – You will need to register the phone number corresponding to the new SIM card, and then select which number to use when logging in.

More information is available in this Duo help guide.

If you encounter any difficulties when changing phones, please contact the IST Service Desk for advice.

If your phone is lost or stolen, contact the IST Service desk immediately for assistance.

Devices can be added or removed in the Duo management portal. Visit Adding a new device for detailed instructions.

Almost none. 500 pushes to your device will use 1 MB of data in total. This is roughly equivalent to loading one webpage on your smartphone.

Try these easy troubleshooting steps for iOS, Android, Windows Phone, or BlackBerry.  Still not working? Reactivate Duo Mobile or contact the IST Service Desk.

Yes, you can configure several devices on your Duo account from the Duo prompt by selecting Add a new device. As well, multiple devices of the same type can be added.

For detailed instructions visit: Adding a new device

If you get a new phone, or if you’ve re-installed the Duo Mobile app, you'll need to re-activate Duo Mobile. You may enrol your new device yourself from the Duo prompt.

You will need to log in using an MFA device already configured to your account. If the device you are replacing is your only MFA device and you no longer have access to it, contact the IST Service Desk at 204-474-8600. 

• How to add a New Device 

Assume that someone is trying to illegally access your account:

• First, choose “Deny” in the Duo app to block the request.
• After you deny the request, please report it by selecting “It seems fraudulent” from the list of reporting options. Note: If for any reason you “Deny” a Duo request that your own login activity triggered, select the “It was a mistake” reporting option.  
• Change your password in signUM immediately.  
• Call the IST Service Desk at 204-474-8600 and report the attempt!

The Duo app does not give the university access to your mobile device and does not provide any control over the mobile device. During the multi-factor authentication process, the only information provided to the University is that the authentication was completed. For more information, see Duo’s privacy policy.

Please see Duo's Privacy Data Sheet.