{"id":25393,"date":"2025-04-23T14:47:17","date_gmt":"2025-04-23T18:47:17","guid":{"rendered":"https:\/\/www.montclair.edu\/information-technology\/?page_id=25393"},"modified":"2026-02-23T16:12:51","modified_gmt":"2026-02-23T21:12:51","slug":"duo-mfa","status":"publish","type":"page","link":"https:\/\/www.montclair.edu\/information-technology\/security\/duo-mfa\/","title":{"rendered":"Duo MFA"},"content":{"rendered":"<p style=\"text-align: center\"><span class=\"prpl-button ghost-red\"><a href=\"https:\/\/www.montclair.edu\/information-technology\/security\/?wp_logged_in=true\">Return to Information Security Home<\/a><\/span><\/p>\n<p style=\"text-align: center\"><strong>Duo Multi-Factor Authentication (MFA)<\/strong> is a service that adds an extra layer of protection to user accounts by requiring additional steps of verification before granting access.<\/p>\n<p style=\"text-align: center\">This helps prevent unauthorized access, even if passwords are compromised.<\/p>\n<hr \/>\n<p><span id=\"#faq\"><\/span><br \/>\n<a name=\"what-is-mfa\"><\/a><div class=\"prpl-drawer\"><div class=\"prpl-drawer-header\">What is MFA&quest;<\/div><div class=\"prpl-drawer-content\">\n<p><strong>MFA (Multi-Factor Authentication)<\/strong> is a security process that requires users to provide two or more forms of verification to access an account or system. These factors typically fall into three categories:<\/p>\n<ol>\n<li><strong>Something You Are<\/strong> \u2013 A username, NetID, or Biometrics such a fingerprint or facial recognition<\/li>\n<li><strong>Something You Know<\/strong> \u2013 A password or PIN<\/li>\n<li><strong>Something You Have<\/strong> \u2013 A phone, security hardware key\/token, or authentication app (Duo)<\/li>\n<\/ol>\n<p>By requiring multiple factors, MFA makes it harder for hackers to gain unauthorized access to your account, even if they have your password.<\/p>\n<p><strong><\/strong><\/p><\/div><\/div><\/strong><\/p>\n<p><a name=\"why-mfa\"><\/a><div class=\"prpl-drawer\"><div class=\"prpl-drawer-header\">Why Do We Need It&quest;<\/div><div class=\"prpl-drawer-content\">\n<p><strong>Duo MFA<\/strong> is important because it adds an extra layer of security to your university accounts, protecting them from hackers and phishing attacks.<\/p>\n<p>Here\u2019s why it matters:<\/p>\n<p><strong>1. Protects Against Stolen Passwords<\/strong><\/p>\n<p>If someone gets your password (through phishing, weak credentials, or other means), they still can\u2019t access your account without an additional authentication factor.<\/p>\n<p><strong>2. Easy and Fast Verification<\/strong><\/p>\n<p>Duo makes multi-factor authentication simple by sending notifications to your phone. Using duo push, enter the code on your computer screen into the Duo Mobile App when prompted. If you are using mobile codes, the code in your Duo App is entered on your computer screen.<\/p>\n<p><strong>3. Stops Unauthorized Access<\/strong><\/p>\n<p>If someone tries to log in to your account from an unknown device, Duo will alert you, giving you the chance to deny access and report the fraud activity back to a Duo administrator, keeping your information safe.<\/p>\n<p><strong>4. Works Across Multiple Services<\/strong><\/p>\n<p>The Duo mobile app can be used to protect other types of accounts beyond the university NetID\u00a0 account. When setting up MFA for banking, shopping, personal email accounts, or social media, use Duo when it is offered.<\/p>\n<p><strong><\/strong><\/p><\/div><\/div><\/strong><\/p>\n<p><a name=\"authentication-options\"><\/a><div class=\"prpl-drawer\"><div class=\"prpl-drawer-header\">Authentication Options<\/div><div class=\"prpl-drawer-content\">\n<h3><span style=\"color: #000000\"><strong>Recommended\u00a0<\/strong><\/span><\/h3>\n<p><strong>Smartphone\/Tablet<\/strong>: This is the most common, convenient, and secure method of using Duo.<\/p>\n<ul>\n<li>The Duo app allows you to verify through PUSH notifications or a code in the Duo App.<\/li>\n<\/ul>\n<h3><strong>Alternative<\/strong><\/h3>\n<p><strong>Non-Smart Cellular Device<\/strong>: If your cellular device cannot run the Duo app you may choose to receive SMS text messages (standard messaging fees may apply)<\/p>\n<p><em>Note: Montclair State University will never share the information entered in the device enrollment process, including cell phone and landline number(s), with other internal or external services.<\/em><\/p>\n<p><strong><\/strong><\/p><\/div><\/div><\/strong><\/p>\n<p><a name=\"duo-faq\"><\/a><a href=\"#duo-faq\"><div class=\"prpl-drawer\"><div class=\"prpl-drawer-header\">Duo FAQ<\/div><div class=\"prpl-drawer-content\">\n<ul>\n<li><a href=\"#initial-enrollment\"><strong>Initial Enrollment<\/strong><\/a><\/li>\n<li><a href=\"#no-duo-push\"><strong>I don&#8217;t have the Duo Push option, help!<\/strong><\/a><\/li>\n<li><a href=\"#push-vs-sms\"><strong>Duo Push vs Duo SMS<\/strong><\/a><\/li>\n<li><a href=\"#new-device-same-number\"><strong>Adding a New Device with Same Number<\/strong><\/a><\/li>\n<li><a href=\"#gave-away-duo-code\"><strong>I gave away my DUO code(s), help!<\/strong><\/a><\/li>\n<li><a href=\"#duo-fraud-button\"><strong>What Is the DUO \u201cFraud\u201d Button and When Should I Use It?<\/strong><\/a><\/li>\n<li><a href=\"#duo-personal-data\"><strong>Does Duo have Access to my Personal Data?<\/strong><\/a><\/li>\n<li><a href=\"#duo-international-use\"><strong>International Travel Duo Use<\/strong><\/a><\/li>\n<li><a href=\"#need-help\"><strong>Still Need Help?<\/strong><\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<hr \/>\n<h3><a name=\"initial-enrollment\"><\/a><strong>Initial Enrollment<\/strong><\/h3>\n<p><strong>Important<\/strong>: Please ensure to download the Duo app via your mobile device App Store prior to completing this process. <strong>(Available on <a href=\"https:\/\/apps.apple.com\/us\/app\/duo-mobile\/id422663827\">Apple iOS<\/a> and <a href=\"https:\/\/play.google.com\/store\/apps\/details?id=com.duosecurity.duomobile&amp;hl=en_US&amp;pli=1\">Google Play Store<\/a>)<\/strong><\/p>\n<p>Enrollment is performed via the Duo prompt<\/p>\n<ul>\n<li>You can set up multiple devices and choose which one is your default option<\/li>\n<\/ul>\n<p>Once you have installed the Duo app, access any Montclair service such as<a href=\"https:\/\/nest.montclair.edu\"> NEST<\/a> or <a href=\"https:\/\/www.myworkday.com\/montclair\">Workday <\/a>to start the setup process.<\/p>\n<ul>\n<li>You will be presented with a single-sign on login page where you will enter your NetID credentials<\/li>\n<li>Once logged in, you will see a Welcome screen, click <strong>Get Started<\/strong><\/li>\n<\/ul>\n<p style=\"padding-left: 40px\"><strong><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/www.montclair.edu\/information-technology\/wp-content\/uploads\/sites\/168\/2024\/09\/duo1.jpg\" alt=\"duo welcome screen\" width=\"500\" height=\"564\" \/><\/strong><\/p>\n<p style=\"padding-left: 40px\"><strong>Step 1<\/strong>: Add your device(s)<\/p>\n<p style=\"padding-left: 80px\">&#8211; If you are adding multiple devices they must be entered on this window<\/p>\n<p style=\"padding-left: 80px\">&#8211; Ensure that Duo Mobile (Recommended) is selected<\/p>\n<p style=\"padding-left: 80px\">&#8211; At this time, the University does not provide hardware security keys (YubiKey, FIDO2, Token2). While Duo supports these options, users have to purchase their own<\/p>\n<p style=\"padding-left: 40px\"><strong>Step 2<\/strong>: Enter your phone number including area code<\/p>\n<p style=\"padding-left: 80px\">&#8211; No parentheses or dashes required<\/p>\n<p style=\"padding-left: 40px\"><strong>Step 3:<\/strong> Confirm your phone number<\/p>\n<p style=\"padding-left: 40px\"><strong>Step 4<\/strong>: Confirm ownership<\/p>\n<p style=\"padding-left: 80px\">&#8211; Select <strong>Send me a passcode<\/strong><\/p>\n<p style=\"padding-left: 80px\">&#8211; Once passcode is received, enter in the 6 digit code<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/www.montclair.edu\/information-technology\/wp-content\/uploads\/sites\/168\/2025\/08\/Duo-3-digit.png\" alt=\"Duo 3 digit MFA code.\" width=\"499\" height=\"743\" \/><\/p>\n<p style=\"padding-left: 80px\"><em>&#8211; You will be prompted to download the Duo Mobile app if you have not already<\/em><\/p>\n<p style=\"padding-left: 40px\"><strong>Step 5<\/strong>: Duo Mobile QR Code<\/p>\n<p style=\"padding-left: 80px\">&#8211; Scan the QR Code on the screen or chose to receive an activation link<\/p>\n<p style=\"padding-left: 40px\"><strong>Step 6<\/strong>: You have successfully set up Duo once you hit Continue<\/p>\n<p style=\"text-align: center\"><strong>Note<\/strong>: You can optionally add additional devices for MFA. It is recommended to add an additional device in case your primary is unavailable.<\/p>\n<hr \/>\n<h3><a name=\"push-vs-sms\"><\/a><strong>Duo Push vs Duo SMS<\/strong><\/h3>\n<div>\n<table>\n<tbody>\n<tr>\n<td>\n<div>\n<p>FEATURE<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Duo PUSH<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Duo SMS<\/p>\n<\/div>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<div>\n<p>Security<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>High \u2013 uses end-to-end encryption and resists phishing and man-in-the-middle attacks<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Lower \u2013 vulnerable to SIM swapping, phishing, and SMS interception<\/p>\n<\/div>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<div>\n<p>Ease of Use<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Very easy \u2013 approve login with one tap in the Duo Mobile app<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Requires user to enter a passcode manually<\/p>\n<\/div>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<div>\n<p>Speed<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Fast \u2013 real-time push notifications<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Slower \u2013 wait for SMS delivery<\/p>\n<\/div>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<div>\n<p>Internet Required<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Works either way<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>No \u2013 works without internet (just cellular service)<\/p>\n<\/div>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<div>\n<p>User Experience<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Seamless and modern<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Less convenient, more prone to user error<\/p>\n<\/div>\n<\/td>\n<\/tr>\n<tr>\n<td>\n<div>\n<p>Recommended For<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Most users and secure environments<\/p>\n<\/div>\n<\/td>\n<td>\n<div>\n<p>Backup option if push or smartphone app isn\u2019t available<\/p>\n<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<hr \/>\n<h3><a name=\"no-duo-push\"><\/a><strong>I don&#8217;t have the Duo Push option, help!<\/strong><\/h3>\n<p>You will need to contact the IT Service Desk to let them know that the option isn&#8217;t available for you.<\/p>\n<p><a href=\"https:\/\/www.montclair.edu\/information-technology\/it-service-desk\/\">IT Service Desk<\/a><\/p>\n<p><strong>Phone<\/strong>: 973-655-7971, option 1<\/p>\n<p><strong>Email<\/strong>: <strong><a href=\"mailto:itservicedesk@montclair.edu\">itservicedesk@montclair.edu<\/a><\/strong><\/p>\n<hr \/>\n<h3><a name=\"new-device-same-number\"><\/a><strong>Adding a New Device with Same Number<\/strong><\/h3>\n<p><strong>Note<\/strong>: These instructions are for reactivating Duo Mobile on a new device with the same phone number. <strong>You will need to have the Duo Mobile app installed prior to completing this process.<\/strong><\/p>\n<p style=\"padding-left: 40px\"><strong>Step 1<\/strong>: Access a Montclair service such as <a href=\"http:\/\/nest.montclair.edu\">NEST<\/a> or <a href=\"https:\/\/iams-auth.montclair.edu\/auth\/XUI\/?realm=\/msu&amp;spEntityID=http:\/\/www.workday.com&amp;goto=http:\/\/iams-auth.montclair.edu\/auth\/saml2\/jsp\/idpSSOInit.jsp?metaAlias%3D\/msu\/idp%26spEntityID%3Dhttp%253A%252F%252Fwww.workday.com%26redirected%3Dtrue#login\/\">Workday<\/a><\/p>\n<p style=\"padding-left: 40px\"><strong>Step 2: <\/strong>Select <strong>Other Options<\/strong> via the Duo authentication screen<\/p>\n<p style=\"padding-left: 40px\"><strong>Step 3: <\/strong>Select <strong>Manage Devices<\/strong><\/p>\n<p style=\"padding-left: 40px\"><strong>Step 4<\/strong>: Verify your identity<\/p>\n<p style=\"padding-left: 40px\"><strong>Step 5: <\/strong>Select<strong> I have a new phone<\/strong> on the previously registered device<\/p>\n<p style=\"padding-left: 40px\"><strong>Step 6: <\/strong>Select<strong> Get Started<\/strong> on the phone setup screen<\/p>\n<p style=\"padding-left: 40px\"><strong>Step 7: <\/strong>Confirm ownership<\/p>\n<p style=\"padding-left: 80px\">&#8211; Select<strong> Send me a passcode<\/strong><\/p>\n<p style=\"padding-left: 80px\">&#8211; Once passcode is received, enter in the 6 digit code<\/p>\n<p style=\"padding-left: 80px\"><em>&#8211; You will be prompted to download the Duo Mobile app if you have not already<\/em><\/p>\n<p style=\"padding-left: 40px\"><strong>Step 8<\/strong>: Duo Mobile QR Code<\/p>\n<p style=\"padding-left: 80px\">&#8211; Scan the QR Code on the screen or chose to receive an activation link<\/p>\n<p style=\"padding-left: 40px\"><strong>Step 9<\/strong>: You have successfully set up Duo once you hit Continue<\/p>\n<hr \/>\n<h3><a name=\"gave-away-duo-code\"><\/a>I gave away my Duo code(s), help!<\/h3>\n<p>If you\u2019ve accidentally shared your Duo two-factor authentication (2FA) codes \u2014 whether in a phishing email, over the phone, or via a suspicious website \u2014 it\u2019s important to act quickly to protect your account and campus data. Even <strong>one shared code<\/strong> can allow someone to access your personal or university information.<\/p>\n<h4><strong>Steps to Take Immediately:<\/strong><\/h4>\n<ol>\n<li><strong>Change Your Password Right Away<\/strong><br \/>\nGo to the <a href=\"https:\/\/iams-amc.montclair.edu\/page-intro\">NetID Account Management Center<\/a> and change your password. This will prevent further access using your compromised credentials.<\/li>\n<li><strong>Report the Incident<\/strong><br \/>\nContact the <a href=\"https:\/\/www.montclair.edu\/information-technology\/it-service-desk\/\">IT Service Desk<\/a> to report what happened. This helps us secure your account and others.<\/li>\n<li><strong>Review Account Activity<\/strong><br \/>\nCheck for any unfamiliar logins or activity in your MSU account like email, learning platforms, or campus portals.<\/li>\n<li><strong>Re-register Your Duo Device<\/strong><br \/>\nYour Duo setup may need to be reset to ensure only you can approve logins.<\/li>\n<li><strong>Stay Alert for Follow-Up Scams<\/strong><br \/>\nIf you were tricked once, scammers may try again. Be cautious of future messages asking for codes, passwords, or sensitive info.<\/li>\n<\/ol>\n<ul>\n<li>Visit the <a href=\"https:\/\/www.montclair.edu\/phish-files\">Phish Files<\/a> for more information on scams<\/li>\n<\/ul>\n<hr \/>\n<h3><a name=\"duo-fraud-button\"><\/a>What Is the Duo \u201cFraud\u201d Button and When Should I Use It?<\/h3>\n<p>If you ever receive a Duo push notification you didn\u2019t request, it could mean someone is trying to access your account without permission. That\u2019s where the<strong> Fraud <\/strong>button comes in.<\/p>\n<p>When you see a Duo push on your phone that you <strong>did not<\/strong> initiate, tap <strong>&#8220;Deny&#8221; <\/strong>and then select <strong>&#8220;It seems fraudulent.&#8221;<\/strong> This action alerts the INFOSEC team and helps us investigate potential threats to your account and campus systems.<\/p>\n<p>You should then reset your <a href=\"https:\/\/iams-amc.montclair.edu\/page-intro\">NetID password<\/a> immediately. If an attacker can make a fraudulent Duo request, that means they know your login credentials already.<\/p>\n<h4><strong>Why It Matters:<\/strong><\/h4>\n<p>Using the Fraud button helps stop cyberattacks early and protects not only your account, but the whole university community.<\/p>\n<hr \/>\n<h3><a name=\"duo-personal-data\"><\/a><strong>Does Duo have Access to my Personal Data?<\/strong><\/h3>\n<p>The Duo Mobile App does not have access to your personal data or information. The app is safe to utilize on your personal mobile device.<\/p>\n<hr \/>\n<h3><a name=\"duo-international-use\"><\/a><strong>International Travel Duo Use<\/strong><\/h3>\n<p>You can still connect to Montclair application(s) or <a href=\"https:\/\/www.montclair.edu\/information-technology\/campus-vpn-remote-access-guide\/\"><strong>VPN<\/strong><\/a> using Duo as long as you ensure the following:<\/p>\n<ul>\n<li>You are in possession of the Duo registered device<\/li>\n<li>You have access to WiFi<\/li>\n<li>Your Duo app is up to date<\/li>\n<li>Use Duo Push notifications as they do not require international calling plans<\/li>\n<\/ul>\n<p style=\"text-align: center\">If you do not have access to WiFi you can use the Duo mobile code.<\/p>\n<hr \/>\n<h3><a name=\"need-help\"><\/a><strong>Still Need Help?<\/strong><\/h3>\n<p>For support regarding Duo, please contact the <a href=\"https:\/\/www.montclair.edu\/information-technology\/it-service-desk\/\">IT Service Desk<\/a> at 973-655-7971, option 1, or by email at<strong> <a href=\"mailto:itservicedesk@montclair.edu\">itservicedesk@montclair.edu<\/a><\/strong> for assistance.<\/p>\n<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Duo Multi-Factor Authentication (MFA) is a service that adds an extra layer of protection to user accounts by requiring additional steps of verification before granting access. This helps prevent unauthorized access, even if passwords are compromised.<\/p>\n","protected":false},"author":349,"featured_media":25401,"parent":448,"menu_order":5,"comment_status":"closed","ping_status":"closed","template":"","meta":{"inline_featured_image":false,"footnotes":""},"class_list":["post-25393","page","type-page","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/www.montclair.edu\/information-technology\/wp-json\/wp\/v2\/pages\/25393","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.montclair.edu\/information-technology\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.montclair.edu\/information-technology\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/information-technology\/wp-json\/wp\/v2\/users\/349"}],"replies":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/information-technology\/wp-json\/wp\/v2\/comments?post=25393"}],"version-history":[{"count":68,"href":"https:\/\/www.montclair.edu\/information-technology\/wp-json\/wp\/v2\/pages\/25393\/revisions"}],"predecessor-version":[{"id":25607,"href":"https:\/\/www.montclair.edu\/information-technology\/wp-json\/wp\/v2\/pages\/25393\/revisions\/25607"}],"up":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/information-technology\/wp-json\/wp\/v2\/pages\/448"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/information-technology\/wp-json\/wp\/v2\/media\/25401"}],"wp:attachment":[{"href":"https:\/\/www.montclair.edu\/information-technology\/wp-json\/wp\/v2\/media?parent=25393"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}