Multi-factor authentication (MFA) uses two levels of security to verify your identity:
At the University of Maryland (UMD), your Directory ID and passphrase serve as the first level of security. UMD uses Duo to provide the second level of security through your choice of various supported authentication methods.
This second level of security will require you to verify your identity through the Duo authentication prompt, which can be used to generate a push request to the Duo Mobile app. You should receive a push notification on your mobile device when you generate a Duo push request.
You can also enter a passcode generated from a Multi-Factor Authentication Hardware Token to complete the authentication process.
Manage your MFA settings and devices at the Multi-Factor Authentication Profile site.
You can choose an authentication method based on the devices you have enrolled in.
There are four different methods you can use for multi-factor authentication with Duo:
Pushing a login request to your phone or tablet is the recommended method for authenticating. After selecting Send Me a Push, you will receive a push notification on your mobile device, prompting you to approve or deny your login request. Select Approve to complete MFA and log in. For more information, see Self-Enroll in Duo Multi-Factor Authentication with Your Mobile Device.
The Duo Mobile app allows you to generate a passcode that can be used to perform a second level of authentication. To enter a passcode from your Duo Mobile App, follow the steps listed below:
A hardware token is a small key fob device that is used to generate passcodes at the press of a button.
NOTE: Hardware tokens must be registered before use.
As with all MFA methods, Tokens can be registered on their own or in addition to other MFA methods. To authenticate using a hardware token, follow these steps:
In the event that a secondary device such as a phone or hardware token is unavailable, you can use Multi-Factor Authentication Bypass Codes to complete the authentication process. Bypass codes are pre-generated and expire 180 days.
NOTE: Prior to obtaining bypass codes, you will need to enroll in MFA and register a mobile or landline phone number. The number will not be used for authentication and is for record-keeping purposes only. To learn more, view the steps in First Time Enrollment in Multi-factor Authentication.
You can obtain bypass codes by:
If you have added a Phone Number as an authentication method, Call Me will be offered as a possible authentication method. For more information, see How to Complete Multi-factor Authentication Using the Call Me Option.
Contact the Service Desk for assistance with multi-factor authentication.
For more information on Duo, visit the Duo Guide to Two-Factor Authentication.