IUP utilizes Duo multi-factor authentication for users accessing IUP services.
Multi-factor authentication (MFA) is a technology that requires the user to provide two or more verification factors to gain access to an application. Instead of asking only for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful account compromise.
Learn more about why you need Duo, how it works, and how to add/replace devices:
Passwords are easy to compromise. They can be stolen, guessed, or hacked—you might not even know someone is accessing your account.
Two-factor authentication adds a second layer of security, keeping your account secure even if your password is compromised. With Duo Push, you'll be alerted right away (on your phone) if someone is trying to log in as you.
This second factor of authentication is separate and independent from your username and password—Duo never sees your password.
When accessing an IUP service, you will need to authenticate with Duo after you enter your credentials. When the Duo prompt appears, you will automatically receive a push to the device that you last sent a push to. Approve this push to access the service.
Other Options
At the bottom of the prompt, click the Other options link to:
- Use a different device to receive a push
- Use a passcode from the Duo app
- Add/Remove/Replace devices (See the Using Duo page for instructions)
When you receive a Duo push, the app will show the location (outlined in red on the screenshot) of the sign-in attempt.
If the location shown is not near where you currently are and you are not trying to sign in, push Deny. This will prevent the sign-in attempt.
Note: Sometimes, the locations shown on Duo are not extremely accurate. If you are trying to log in and the location shown is near to where you are, it should be safe to accept the push.
"Push Fatigue"
If an attacker obtains your password, they will need to get a successful Duo push before they can access your account. Some attackers will try several attempts in a row to get you to approve the push to make the notifications stop. Never accept a push if there have been multiple pushes within a short time and you are not trying to log in. This suggests that someone has obtained your password and is trying to sign in to your account. You should change your password as soon as possible.
Download Duo Mobile
Tap the badge to download Duo Mobile to your device.
Instructions for Using Duo
The first time you log in to your IUP account, you will need to set up Duo multi-factor authentication.
To begin, log in to your IUP email on another device than the one that you want to add. Enter your IUP email address and password.
When you get to the Duo prompt, click Next to advance through the information.
Select the Duo Mobile option to continue.
Enter your phone number and confirm that it is correct. If you are adding a tablet, click I have a tablet.
If Duo is not already downloaded to the new device, download it now. When it has been downloaded, click the Next button.
Open the Duo app on your phone. Click Continue and then Use a QR code. Next, point your phone's camera at the screen to scan the QR code.
Alternatively, you can click Get and activation link instead and enter any email address already set up on your phone. You will receive an email with a link to reactivate the Duo app (make sure to check your junk/spam folder).
Once the device has been added successfully to Duo, you will see this screen.
Congratulations! You have added your device to Duo. Every time you log in to your account, you will need to complete a Duo push.
If you get a new phone with the same phone number, you can use the Duo prompt to reactivate the new phone.
To begin, log in to your IUP email on another device than the one that you want to add. When you get to the Duo prompt, click Other Options at the bottom.
Next, click Manage Devices at the bottom of the list.
Choose Text Message Passcode.
Next, click Send a passcode. You will then receive a text message with a passcode to the number that was set up previously in Duo.
When you receive the code, enter it in the box and click Verify.
Now you are in the Manage Devices screen. Under the phone number and device name, click I have a new phone.
On the next screen, click Get started.
If Duo is not already downloaded to the new device, download it now. When it has been downloaded, click the Next button.
Open the Duo app on your phone. Click Continue and then Use a QR code. Next, point your phone's camera at the screen to scan the QR code.
Alternatively, you can click Get and activation link instead and enter any email address already set up on your phone. You will receive an email with a link to reactivate the Duo app (make sure to check your junk/spam folder).
Once the device has been added successfully to Duo, you will see this screen.
To return to whatever application you originally tried to access, click Back to login in the top right corner.
If you get a new phone with a different phone number and no longer have access to your old number and phone, you will need to contact IT Support for assistance.
If you get a new phone with a different phone number and still have access to your old number and phone, follow the directions below to add your new phone.
To begin, log in to your IUP email on another device than the one that you want to add. When you get to the Duo prompt, click Other Options at the bottom.
Next, click Manage Devices at the bottom of the list.
Choose Text Message Passcode or Duo Push.
If you chose the text message passcode option, click Send a passcode. You will then receive a text message with a passcode to the number that was set up previously in Duo.
When you receive the code, enter it in the box and click Verify.
Now you are in the Manage Devices screen. Click Add a device
Select the Duo Mobile option to continue.
Enter your phone number and confirm that it is correct. If you are adding a tablet, click I have a tablet.
If Duo is not already downloaded to the new device, download it now. When it has been downloaded, click the Next button.
Open the Duo app on your phone. Click Continue and then Use a QR code. Next, point your phone's camera at the screen to scan the QR code.
Alternatively, you can click Get and activation link instead and enter any email address already set up on your phone. You will receive an email with a link to reactivate the Duo app (make sure to check your junk/spam folder).
Once the device has been added successfully to Duo, you will see this screen.
To remove your old device, click the Edit button next to its name, then Delete.
To return to whatever application you originally tried to access, click Back to login in the top right corner.
Adding multiple devices to Duo allows you authenticate using the device that is closest to you.
To begin, log in to your IUP email on another device than the one that you want to add. When you get to the Duo prompt, click Other Options at the bottom.
Next, click Manage Devices at the bottom of the list.
On this screen, you can choose to authenticate using an existing device by selecting the Duo Push option, or you can choose Text message passcode to authenticate that way.
Once you have successfully authenticated, you will see the Add a new device option.
Select the Duo Mobile option to continue.
Enter your phone number and confirm that it is correct. If you are adding a tablet, click I have a tablet.
If Duo is not already downloaded to the new device, download it now. When it has been downloaded, click the Next button.
Open the Duo app on your phone. Click Continue and then Use a QR code. Next, point your phone's camera at the screen to scan the QR code.
Alternatively, you can click Get and activation link instead and enter any email address already set up on your phone. You will receive an email with a link to reactivate the Duo app (make sure to check your junk/spam folder).
Once the device has been added successfully to Duo, you will see this screen.
To return to whatever application you originally tried to access, click Back to login in the top right corner.
Once the device is added: When you need to use the second device, click Other options at the bottom of the Duo prompt, and then select Duo Push above the device that you want to use. The Duo prompt defaults to sending a push to the last used device.