Duo Two-Factor Authentication (2FA)

Two-factor authentication (2FA) is required to log in to Single Sign On and Microsoft 365.

Why is the University making this change?

2FA greatly improves data security for individuals and for the University. Account credentials get stolen way too often, and you may not even know that it has happened. Criminals use your credentials to steal information and can even leverage them to launch widespread attacks that compromise institutional systems.

2FA neutralizes the risks caused by compromised credentials and is so effective at enhancing security that 2FA is an industry best practice. For the University to maintain our necessary cybersecurity insurance, we need broad institutional adoption.

Are you new to Duo 2FA?

Two-factor authentication (2FA) protects you and your information with two identity checks at login. You first sign in with your username and password. Then, when prompted, you confirm your identity on another device, like your phone or a tablet. Even if your credentials are stolen, you can block someone from impersonating you and gaining access to your accounts. The University uses Duo for our 2FA service.

If you have not added a device to the UConn 2FA, start by grabbing the device you wish to add as your second factor (we recommend something mobile, like your smartphone or tablet). Then…

image of enrollment portal

 

  1. Go to the 2FA Management Portal on netid.uconn.edu
  2. Click Manage Devices and follow the directions to add a device.
  3. Then return to the portal main page and click the second button, Opt in to 2FA. This will turn on your full protection.

Related Articles

Check our Knowledge Base articles on 2FA for detailed, step-by-step instructions:

Setting Up 2FA on a Device (mobile phone, landline, or tablet)

Frequently Asked Questions for Duo Mobile Enrollment

Purchasing and Registering a Hardware Token for the 2FA Service

Add a Backup 2FA Device

2FA for International Travelers

What is logging in like with 2FA?

When full 2FA protection has been enabled, either by you or by ITS, you will enter your username and password normally in either the single sign-on or Microsoft 365 login screen. You will then receive a second authentication prompt from Duo. After you respond, Duo will ask if you want to "trust" the browser (e.g., Chrome, Edge, Firefox). Choose this option, and you will not receive another Duo prompt for approximately 30 days on that browser.

In this example, the user has the Duo Mobile app installed and responds with a “push.”

We recommend that you install the app on a mobile device. If you are prompted to authenticate in a meeting or while teaching, accepting on your device is the fastest, most convenient way to proceed.

You may also choose to receive a text message with a code or a phone call.

Related Articles

Logging in with 2FA

What should I expect when I have full 2FA protection turned on?

The first day that you full 2FA protection, you may be prompted to log in to multiple accounts, especially if you have several Microsoft 365 apps open. This is normal.

If you switch to either a different browser or a different device or both, any combination that is not currently “trusted,” you will need to sign in using Duo 2FA again.

If your email will no longer work and you keep receiving prompts, you may need support. Start by reviewing the article Email issues with 2FA. Then contact the ITS Technology Support Center if you need assistance.


What information is collected on my device from the Duo app?

Installing the Duo app on your device sends information about the phone model, OS version, and phone number (for texts) back to the Duo service. No other information about your device is collected.

IT support

Contact the IT support for your school or campus or the ITS Technology Support Center.

Contact the Technology Support Center