How To Setup Duo Multi-Factor Authentication (MFA)

Summary:

This article provides instructions on how to set up DUO Multi-Factor Authentication (MFA) at John Carroll University. DUO MFA enhances the security of your JCU network account by requiring two-factor authentication for login.

This Article Covers:

Prerequisites:

  • JCU network username and password
  • Access to a smartphone, landline phone, or security key (depending on your chosen method)

Procedure:

What is DUO Multi-Factor Authentication (MFA)

DUO MFA provides an additional layer of security by requiring two factors for authentication. These factors are "Something you Know" (your password) and "Something you Have" (smartphone app/phone, landline, or security key).

Smartphone Setup

  1. Begin by accessing the service as you normally do.
  2. You'll be prompted for your JCU Network username and password.

  1. The DUO MFA setup will start automatically if the service requires MFA.
  2. Click the "Next" button.

  1. You may be shown an introduction to MFA.  Click 'Next' on these screens.

  1. Select "Duo Mobile" and press "Continue." 

A note about MFA security:

While Duo MFA does support authentication by either a text message/SMS or a phone call, both of these methods can be spoofed and are not considered secure.  ITS strongly recommends the installation and use of Duo Mobile on your mobile device, or if given the option, a biometric method (iOS TouchID for example).  If you do not wish to install Duo Mobile on your mobile device, a USB Security Key can be obtained from the ITS Service Desk.

  1. Enter your smartphone's phone number.

  1. Verify the number is correct.
  2. Press "Yes, It's Correct."

  1. Download and install the DUO Mobile app from the App Store or Play Store on your smartphone.  Once installed, press next on your computer.

  1. Open the DUO Mobile app on your smartphone and press the "+" button.
  2. Use your smartphone's camera to scan the QR code displayed on your PC's screen (example above).
    1. This registers your smartphone.
    2. If you press the Get an activation link instead, it will send you an email.
      1. To use the activation link please open your JCU email on the device you want to connect to Duo, then click the link within the email sent from Duo Security.
  3. Confirm that the "John Carroll DUO Protected" setting is displayed to complete the setup.

  1. Once setup is complete, you will see:

  1. MFA Login Complete! Your smartphone is now set up for DUO Multi-Factor Authentication.

    1. Depending on your DUO Mobile version, you may be prompted for additional configuration or a device security assessment. These steps are not required for DUO setup.

Landline Phone Setup

While Duo MFA does support authentication by either a text message/SMS or a phone call, both of these methods can be spoofed and are not considered secure.  ITS strongly recommends the installation and use of Duo Mobile on your mobile device, or if given the option, a biometric method (iOS TouchID for example).  If you do not wish to install Duo Mobile on your mobile device, a USB Security Key can be obtained from the ITS Service Desk.
  1. Access the service as usual.
  2. You'll be prompted for your JCU Network username and password.
  3. The DUO MFA setup will start automatically if required.
  4. Follow the instructions above, but this time select "Phone Number" from the options screen.

Security Key Setup

  1. Access the service.
  2. Enter your JCU Network username and password.
  3. DUO MFA setup will begin if required.
  4. Follow the instructions above, but this time select "Security Key" from the options screen.

  1. Follow on-screen prompts to set up your security key.
  2. You are now set up for DUO MFA using a security key.

Adding Additional Devices / Settings

You can associate multiple devices/phones with your DUO MFA account. To add additional devices:

  1. Access the DUO Security login screen by visiting any JCU site that requires Duo (i.e. banner.jcu.edu or canvas.jcu.edu)
    1. You may need to close and reopen your browser or use a Private Browser window (incognito).
  2. On the Duo Security Login screen, ask the client to select the Other Options option, then the Manage Devices option.
  3. You will be asked to perform a normal Duo Authentication to confirm your identity.
    1. If you don't have your old device please call the Service Desk to obtain a by-pass code.

Uploaded Image (Thumbnail)

  1. Click the Add a Device button and follow the onscreen prompts.

 

You can also adjust your DUO account settings, including renaming devices and changing login priorities and preferences:

  1. Follow steps 1 through 3 above
  2. Click the Edit button on the device you wish to update.
**An Important Warning!**
If you ever receive a DUO MFA approval request that you didn't initiate, press "DENY" and contact the ITS Service Desk. This could be an unauthorizd login attempt.

Print Article

Related Services / Offerings (2)

Duo Multi-Factor Authentication (MFA)
Duo authentication is the University's multi-factor security authentication service.
Setup Duo
Instructions for setting up your Duo MFA access.