FAQs

Two-factor authentication strengthens access security by requiring two methods to verify your identity. These methods can include something you know - like a username and password, plus something you have - like a smartphone app to approve authentication requests.
  

Two-Factor Authentication helps fight against phishing, social engineering and password brute-force attacks and helps to secure your logins from attackers exploiting weak or stolen credentials. 

Due to the number of attempted account compromises UF is increasing account security by augmenting the thing you “know” (your username and password) with a Two-Factor Authentication platform called Duo, allowing you to use a mobile phone app and more, to protect your personal data and institutional systems. 

All Faculty, Staff, Students, and Affiliates must enroll in Two-Factor Authentication to access University resources. 

UF Affiliations expected/eligible to use Two-Factor Authentication (GatorLink accounts only):

Once you are enrolled in Two-Factor, you will receive a push to your first push device if you simply enter your password.  If you do not have a push-capable device a telephone call will be made to your first-listed phone number asking you to confirm the login.

If you need to specify an alternate method you may also use a passcode, or specify a different push device or phone number by using append-mode on your password.

How to use append mode:

Enter your password and the authentication method you want to use, separated with a comma. It will look something like this:

In place of authentication_method:

You can also add a number to the end of these factor names if you have more than one device registered. For example, push2 will send a login request to your second phone, phone3 will call your third phone, etc.

We are adopting a phased approach to ensure a smooth transition. Depending on your primary affiliation with the university, you will be switched to the new prompt on: 

• Oct. 3   Primary Affiliation: Staff           
• Oct. 17 Primary Affiliation: Faculty 
• Nov. 7  Primary Affiliation: Students 
• Jan. 9   Remaining community members

You can use Touch ID but only for MacBooks/magic keyboard using Chrome. It is a limitation of the Duo prompt (https://guide.duo.com/touch-id)

You will be able to continue using the same Duo method as before such as passcodes.

When you login for the first time using the new prompt, click on Other Options and select the option you want to use for log in.  Duo will remember that option for as long as you don't change your browser or clear your cache.

Duo will select the most secure method a user has registered by default; however, during login you can select any other registered device/method. Check https://guide.duo.com/universal-prompt#login-with-the-duo-universal-prompt for the most up-to-date options. Remember that SMS is not enabled as a feature for UF.

The way device selection is done has changed with the Universal Prompt.  There is no longer the idea of "default device".

Instead, upon your first login with a given browser, DUO will automatically select the most secure method available for your account.  You can then change which method to use with the "Other options" link on the Universal Prompt page.  Subsequent logins from that browser will remember your selection.

If you change computers, switch browsers, clear cookies, or use a different browser profile (e.g. incognito/private browsing), DUO will again default to your most secure device in the new browser context.

You can read more about this behavior here: https://guide.duo.com/universal-prompt#login-with-the-duo-universal-prompt

For people already migrated to the new Universal Prompt, device management is built into the Universal Prompt.  To access it, login to login.ufl.edu and when you are taken to the DUO Universal Prompt, click 'Other options',  and then select 'Manage devices', which should be the last option in the list.  You will then be prompted to perform a DUO authentication after which you'll be redirected to the device management page within DUO.

Alternately, while UF rolls out the new Universal Prompt to all users over the next couple months,  anyone, regardless of which DUO prompt they get can access the old "My Two-Factor" link at https://it.ufl.edu/2fa/ to enroll or manage their devices.  However, please note that Universal Prompt will NOT honor a "Default Device" set via the old device management screen.  Please see "Why can't I select a default device?" in this FAQ.

To enroll in Two-Factor Authentication use My Two-Factor self-service.

It is highly recommended so you may utilize the Duo Push authentication. You may use a security key or a desk phone in addition to the Duo Mobile App. 

Yes!  It is strongly recommended you define more than one Two-Factor device in case you don't have your favorite device with you. Consider enrolling a security token (YubiKey) or a tablet.  You may define multiple devices.  Do not enroll another person's device or any shared devices. You should secure and protect your Multi-Factor devices as you would your computer, tablet or other personal or University owned equipment in your care.  Never leave them where someone else could gain access to them without your knowledge.

The app (DUO mobile) can be downloaded from the Google Play Store or the Apple Store for Android / iOS devices. If you have any questions, please call the help desk at (352) 392-HELP (4357) or helpdesk@ufl.edu.

Telephone calls sent to your phone do cost the University money and while it may only be a few cents, it all adds up. A Duo "push" to the Duo Mobile app on a smartphone uses a very small amount of data (less than 2,000 bytes).  If you authenticated 16 times per day resulting in about 500 authentications per month you would use about 1 MB of data.  The average data plan is about 1000 times greater than 1 month of Two-Factor push authentications.

Wireless Carrier/Network charges may apply for voice and data on your mobile phone.

You can visit My Two-Factor and remove the lost token or phone from your account if you have a second registered device. You may also add new devices. If not, then you can contact a Help Desk via phone or in-person for possible assistance.  Identity verification will be required.  Management of devices is an individual's responsibility.  See FAQ item for Backup of the Duo Mobile app.

Apple iOS devices

1. Make sure you are running the latest version of the Duo Mobile App on your current iOS device.
2. Back up your device to iCloud. Nightly iCloud backups will include Duo Restore information. Encrypted iTunes backups will also work. Note: Duo only stores non-sensitive account information on iCloud.

Android Devices

1. Make sure you are running the latest version of the Duo Mobile App on your current Android device.
2. Open the Duo Mobile App.
3. Tap the overflow menu in the top right corner of the main accounts list.
4. Tap Settings.
5. Tap Duo Restore.
6. Turn on Duo Restore.
7. You will then be prompted to select a Google account to store your backup on. Note: Duo only stores non-sensitive account information on Google drive.

Please have a look at this guide about using Duo abroad: Duo Travel Guide

Please verify that your device is connected to the internet. Your device will need to have a connection to a wireless or cellular network to receive push notifications.  On UF Campus you are strongly encouraged to enable Wi-Fi by visiting https://getonline.ufl.edu using the browser on your smartphone.

If this is a new device with the same phone number, you will need to reactivate your device.

If you still are not receiving Duo Pushes you can contact a Help Desk or your local technical support for further assistance. 

You need to re-activate Duo Mobile using My Two-Factor.  You should also turn on the Duo Restore feature for the future.  See the FAQ item named "How do I Enable Backups of the Duo Mobile app?"

See information about supported and unsupported smartphone platforms for Duo Mobile.

Yes, please see the documentation on accessibility below.

1. https://duo.com/docs/accessibility
2. https://duo.com/blog/accessibility-gotchas-at-duo

If you need any assistance or have any questions about Two-Factor Authentication or the Two-Factor Authentication project please contact us.