Authenticate With Multi-Factor Authentication (MFA)

Table of contents

How does multi-factor authentication work?

Multi-factor authentication (MFA) uses two levels of security to verify your identity:

At the University of Maryland (UMD), your Directory ID and passphrase serve as the first level of security. UMD uses Duo to provide the second level of security through your choice of various supported authentication methods.

This second level of security will require you to verify your identity through the Duo authentication prompt. To get started, view the steps in the Set your default Multi-Factor Authentication Device article. Contact the Service Desk for assistance with multi-factor authentication.


How do I manage my settings?

Manage your MFA settings and devices at the Set your default Multi-Factor Authentication Device site.


How do I authenticate?

You can choose an authentication method based on the devices you have enrolled in.

NOTE: Information on authentication before the Universal Prompt update is covered in Duo Guide to Two-Factor Authentication.


What device is best for me?

Use the table below to help select the MFA device that works best for you.

 Device  Authentication methods  Advantages and disadvantages

Smartphone, Tablet

  • Push a login request to a mobile device.
  • Enter a passcode using a mobile device.
  • Receive a call using the Call Me option.
  • Supports send a push, the recommended authentication method.
  • If there is no network connection to receive a push, you can still generate a passcode. 
  • Can complete all authentication methods.
  • Duo Mobile App is free.
  • Works on Android, iOS and Windows devices.

Cell Phone, Landline

  • Call Me
  •  You can use your office or mobile phone to complete authentication.
Hardware token 
  • Enter a Passcode
  • Push the button to generate a passcode that can be entered on your computer.
  • No apps to install.
  • Hardware tokens must be purchased and registered before use.
Bypass codes
  • Enter a Passcode
  • You can print pre-generated bypass codes from your MFA Profile.
  • No mobile devices or hardware tokens are required.
  • Bypass codes will be expired.
  • Limits on the number of bypass codes you can generate at a time.

Contact the Service Desk if you have any questions.