Duo Security Two-Step Login

Two-Step Login is used to protect your account, even if your password is stolen. 

Register a Device Add Secondary Device

Using Duo

Set up Duo

The recommended method is to setup up Duo Mobile on a smart phone to receive push notifications. 

A push notification is a message that pops up on your smart phone and allows you to approve the login and finish the authentication process into a protected system, or deny the login if you suspect it is fraudulent.

Register Your First Device with Duo
Making changes in Duo

You can add multiple devices into Duo, such as a tablet or another mobile device that can also be used to approve Duo authentication. You can add and remove devices in Duo and also reactivate Duo when you get a new device. 

Make changes in Duo
Duo Push Notification

The Duo Verified Push notification will ask you to enter a number displayed on your screen instead of simply authorizing the login with a single click. This is designed to stop MFA fatigue attacks, where users mistakenly authorize fraudulent logons. 

Duo Requirements

It's important to be mindful of the devices you are using to ensure that they remain up to date with the most recent version of Duo that's available. Older devices may experience issues with Duo, such as not being able to activate the Duo Mobile app or not being able to receive Duo Push notifications that need to be verified and approved.

Verified Duo Push requires:

  • Duo Mobile 4.16.0 or later on Android 8 or later.
  • Duo Mobile 4.17.0 or later on iOS 13 or later.
Duo Verified Push

What is the Purpose of 2-Step Login?

Authentication

After entering your password into a system (step 1) that is protected by Duo, you will be prompted to approve the login using another device (step 2).

Protection

2-Step Login adds an extra layer of security. Even if someone has your password, they will not be able to get into a system that requires Duo. No one can get into the system unless the login is approved with Duo.

Protected Systems

Duo will challenge users during the login process if they are registered Duo-user and the service is protected by Duo:

RDP Gateway Connections
Stony Brook's VPN
VPN
SeaWulf
LastPass Enterprise
Single Sign-On
Virtual SINC Site

faq

Frequently Asked Questions

Managing Devices Using the Duo Self-Service Portal

I lost my phone or need to remove a device from my DUO Account. What should I do?

Managing Devices from the Single Sign On Screen

How do I add, remove, reactivate or rename a device in my Duo account? How do I change my Duo Settings?
How do I register my first device with Duo?

Using DUO in Other Situations

How can I use DUO when I don't have internet or cell service? (For example, when traveling internationally)
What do I do if I only registered one device or if I only authenticate using Face/Touch ID and DUO is asking for a "Bypass Code"?
What if I don’t have a smartphone? What other ways can I use DUO?

General Information

How do I save my DUO Authentication on my personal device so I don't have to authenticate as often?
How do I set up Duo so that I choose which device to authenticate from?
How do I turn on push notifications on my iPad or iPhone?
How does Duo Two-Step Login work?
Where can I learn more about DUO Security?

Troubleshooting

Duo mobile stopped working when I got a new phone. How do I reactivate it?
I received a message: Authentication Failure.. What do I do?
What if I receive an unexpected login request from DUO?

For More Information Contact

Customer Engagement and Support

Need Help? The fastest way to get support is by submitting a request through our ticketing system.

 Get Help With Duo

Additional Information

Files & Links
Duo Security guide
Check System Status
DUO Privacy Policy