FAQ's - DUO Multi-Factor Authentication
The goal of MFA is to create a layered defense and make it more difficult for an unauthorized person to gain access.
- Multifactor authentication strengthens access security by requiring two or more methods (factors) to verify your identity.
- These factors can include something you know - like a username and password, plus something you have - like a smartphone app to approve authentication requests
Multi-factor authentication provides another layer of security to help protect personal and institutional information.
Multi-factor authentication will be implemented on the Human Resources Peoplesoft application (HR Direct).
For step-by-step enrollment instructions, please visit our enrollment instruction page.
- Duo Push: If the Duo Mobile app is installed on your smartphone or tablet, you can receive a push notification and can either approve or deny the authentication attempt.
- Phone call: You receive a phone call from Duo. The call will give instructions on approving or denying the authentication attempt. It will also allow you to indicate if it were a fraudulent call. Available for smartphone, basic cell phone, and landline phone.
- Pass codes via Duo Mobile app: If you have the Duo Mobile app installed, you can receive a single pass code by tapping the key in the mobile app. This pass code must be used immediately. This is a good option if you do not have a good wireless or Wi-Fi signal on your phone. Available for smartphone & tablet.
A smartphone is the best choice since it provides the greatest level of security and allows you to use the Duo Mobile App. The app generates passcodes for login and can receive push notifications for easy, one-tap authentication.
Any cell phone or even a landline will work, however, it will not include the advantages of the app (passcodes, prompts, etc.) and may result in regular cell phone charges in order to call back and authenticate (depending on your phone service).
If you don’t have a cell phone, Duo allows you to use your landline phone. You would receive an automated phone call that requires you to hit “5” to confirm your identity.
Although not required, we recommend you enroll an additional device (such as a smartphone and desk phone) in MFA to avoid difficulties authenticating if you lose or don’t have your only enrolled device with you.
The Duo Mobile app provides the most user-friendly experience; however, there is no requirement to use it. As you go through the enrollment process, (1) indicate you are enrolling a Mobile Phone, (2) enter and verify your phone number, (3) specify Other (and cell phones) as your device type, and then (4) click Continue to Login to complete the process. When you log in, you will have both the phone call and passcode options available to you.
You have the option to “trust” the computer you are logging in from for 30 days. (This option requires you use the same browser and not clear your browser cache).
The Duo smart phone app provides options that work without a data plan, a texting plan or even a connection, if necessary. The app can generate the required code without need of either a telephone signal or data plan.
Go to the http://i.umassmed.edu/MFAReg/ and log in with your Email address and password. Do not respond to the automatic push or phone call. Instead, select My Settings and Devices. You will be asked to authenticate and select any option you want.
- Once you authenticate, you see the screen where you can manage this particular feature.
- Scroll to the bottom and change the “When I log in” option to “Ask me to choose an authentication method.”
- Click SAVE.
- Click Back to Login to test.
If you have an alternative authentication method, such as a landline, you can choose to be notified via that method. If you do not have an alternative number registered, please contact the UMMS Help Desk (508-856-8643). They will verify your identity and provide a temporary password.
Contact the Help Desk at 508-856-8643. They have the ability to immediately lock your Duo account and provide you with a temporary passcode to authenticate.