Two-Step Login (Duo) provides an additional layer of security when you log in to some IU systems. Two-Step Login, also known as two-factor authentication, helps protect sensitive data and guard against increasingly sophisticated email and online scams (e.g., phishing attacks) that can leave you vulnerable to identity theft. IU has partnered with Duo to provide this service.
Description of the video:
[00:00:09]
>> You might be wondering, what is two-step login? Well, two-step login helps keep your IU username and passphrase safe from bad guys like identity thieves, even if they get your passphrase. The way it works is pretty simple. When you try to log in to an IU service, you'll be asked to verify your login on a device you own.
[00:00:31]
But why is two-step login important, you ask? Well, it'll help you avoid some very unpleasant situations. Let's follow Tracey Two-Step as she checks her email, and see a situation where two-step login will be helpful in keeping her info safe. Tracey's about to be the victim of a phishing attack.
[00:00:54]
If you're not familiar with the term phishing, it's an attempt by someone to pose as a legitimate entity in order to gain access to sensitive information. Tracey received an email that seems a little off, but she still clicked the link in it. She put her IU username and passphrase into the site...
[00:01:19]
No! Tracey put her passphrase into a site that wasn't an IU site at all. Two-step login provides an extra layer of protection in case you fall prey to a phishing attack, just like Tracey did. While Tracey is off changing her passphrase and setting up two-step login, let's see some examples of what bad guys could do with her username and passphrase.
[00:01:42]
Tracy's username and passphrase could be used to reroute direct deposit money, like her paycheck, to a bank account that's not hers. Or it could be used to commit tax fraud and claim Tracy's tax refund. It could even be used to change grades in Canvas. Now Tracey has two-step login, so when the bad guys who stole her login information try to do something with it, Tracey can stop them.
[00:02:12]
Two-step login saved Tracey's day, and it will help you keep your information safe too. For more information on two-step login, visit twostep.iu.edu.
Training and support resources
Looking for help with Duo? Find what you need:
- Enroll and manage devices: Two-Step Login (Duo) on the Security Center.
- Quick steps: View "Help for Two-Step Login (Duo)" on IU Knowledge Base.
- Get help now: Contact the Support Center on your campus.
- Request a training session: Request IT Training come to your class or group to provide a presentation.
- View video demos: Scroll down on this page to view how-to videos.
As of November 1, 2018, the new IU Security Center is replacing the Two-Step Login site as the place to access your two-step devices and settings. To enroll or manage your devices, visit securitycenter.iu.edu/two-step.
Video demos for getting started with Duo
Description of the video:
[ Music ]
>> This video walks you through the process of adding a phone number to Duo for voice and SMS authentication. To start the process, you'll want to visit securitycenter.iu.edu or search for the security center task in One.IU. If you're not already logged in through CAS, you'll be prompted to log in. Once you're logged in, you'll be brought to the security center home page. To add a phone number to your Duo account under the two-step log in adding, click on the Manage Devices and Settings button. When the devices and settings page loads, you'll be asked to authenticate using a device you've previously set up or to enter a passcode from your OTP token. In this case, I'll be entering a passcode from a token. Once you've authenticated with duo, you'll want to click on the Add Another Device link in the duo control panel. You'll be asked what kind of device you want to add. You'll want to choose mobile phone and then click the "continue" button. Next, you'll be asked to enter your phone number. Go ahead and type that in and then click the checkbox next to where Duo asks you to confirm your phone number. Then click "continue". Duo will then ask you to verify ownership of your phone number by entering a six-digit code that they will provide. You can have Duo call you with this code or send you a text message with this code. For this video, I chose to have a text sent to my phone. Click the button for the specific method you'd like to receive the code by, then type the code into the box under Step Two and click "Verify". Once Duo displays a green checkmark next to the "verify" button, you can click "continue" at the bottom of the screen. Your phone will now show up in the list of devices you can use with Duo, and is all set to receive text messages or phone calls for authenticating with Duo [music].
Description of the video:
[ Music ]>> In this video I'll be walking you through the process of adding a device to your Duo account, such as a smartphone or a tablet that can receive push notifications through the Duo Mobile app. Before getting started, you'll want to make sure you have the latest version of Duo Mobile installed on the device you want to add to your Duo account. To start the process, you'll want to visit securitycenter.iu.edu or search for the Security Center task in One.IU. If you're not already logged in through CAS, you'll be prompted to log in. once you're logged in, you'll be brought to the security center home page. To add a device to your Duo account, under the two-step log-in heading, click on the Manage Devices and Settings button. When the Devices and Settings page loads, you'll be asked to authenticate using a device you've previously set up or to enter a passcode from your OTP token. In this case, I'll be entering a passcode from a token. Once you've authenticated, either by entering in a code or accepting a log-in attempt from a push notification, you'll be brought to the My Settings and Devices screen. From here, you'll want to click on the "Add Another Device" link to start adding a new device to your account. From here, you can select the type of device you're adding. For our purposes today, I'll be adding an iPad to my Duo account. So I'll click on "tablet" and then click "continue". Next, I'll choose the type of tablet that I'm adding. In my case, it's an iOS tablet. Then, I'll click "continue". If you haven't already installed Duo Mobile on the device you want to use, you'll want to install it now. Once you have it installed, click the "I have Duo Mobile installed" button. On your computer screen, you should see a QR code. Here's where you'll need your additional device. On your device, open up Duo Mobile and then look for the plus sign at the top right-side of the screen. It's in the same place on both iOS and Android devices. Tap the plus sign to start adding your device. Duo Mobile may ask permission to use the camera on your device at this point. You'll want to tap "Okay" or "allow" depending on your device, to allow Duo Mobile to use the camera. Your camera should come up on your screen now. Point your camera at the QR code on the screen. Once Duo Mobile recognizes the QR code, it will add your account to the device. You'll also see a green checkmark in the QR code when your device was successfully added. Click "Continue" on your computer screen to finish the process. This will bring you back to the My Settings and Devices screen. In the list of devices, you should see the device you just added. Now you can use that device to receive push notifications for authentication when you log into Duo [music].
Description of the video:
[ Music ]>> In this video, you'll learn how to use Duo Restore to back up and restore your Duo accounts on your Android device. This is especially helpful if you've just bought a new phone or a tablet and need to set up Duo on your new device. Before you start, you'll want to make sure you have the latest version of Duo Mobile installed on your current device. Next, you'll want to open the Duo Mobile App. Once it's open, you'll want to tap the Menu button in the upper right corner of the screen, and then tap settings. In the Settings screen, if it says disabled under Duo Restore, you'll want to tap on Duo Restore to start the process of activating it. Now you can see the options for Duo Restore. To activate Duo Restore, tap the switch next to Connect to Google Drive. This will allow Duo to save non sensitive information about your Duo account to Google Drive so you can use it to restore your Duo accounts on a new device. If you have multiple Google accounts on your device, tap on the account you wish to use. Once you select an account, Duo will back up your data to Google Drive. Once the process is completed, you'll see information about when your Duo account data was last backed up to Google Drive. Now, let's learn how to restore your Duo account on your new device. Again, you'll want to make sure that the most recent version of Duo Mobile is installed on your device. Next, open up Duo Mobile on the new device. When the app opens, you'll want to tap on the Get My Account Back button. You'll be asked to choose a Google account to continue if you have multiple accounts on your phone. Choose the same account you used to back up your data on your previous device. Duo will check for backed up accounts and then restore your data. When it's finished restoring your data, you can tap okay, got it, to go through both dialogue boxes. Then go back to the list of accounts. Tap on reconnect next to your Indiana University account, and then tap continue to log in, and log into CAS with your IU username and password. You'll be prompted to open Duo Mobile on your old device or to use another device or method to continue logging in. For today, I'll cancel the initial request and choose to send a push to an iPad I have as my back up authentication method. Once you receive the request on the other device, whether it's your old device or a back up device, go ahead and accept the log in attempt. Once you do that, Duo will show you a button that says tap to finish. Go ahead and tap that and the process of restoring your account will be complete. Now you can use your new mobile device to receive push notifications for Duo authentication.
[ Music ]
Description of the video:
In this video, you'll learn how to restore your Duo accounts on your iOS device. This can be helpful if you recently got a new device, or had to reset your device.
When your device is backed up to iCloud or with iTunes on your computer, your Duo account information is part of that backup.
So, when you restore a new iOS device from a backup, your Duo account information will also be added to the new device. After restoring your device, you'll need to take a few more steps to finish restoring your Duo account.
First, you'll want to go to securitycenter.iu.edu on your computer, and log in with your CAS account.
Once you're logged in, you'll want to click on the Manage devices and settings button, then complete a Duo login and authenticate with your old device or an additional device you own. I'll be authenticating with a code I've received from my OTP token.
Once you've authenticated, either by entering in a code or accepting a login attempt from a push notification, you'll be brought to the My Settings and Devices screen.
From here, you'll want to click on the Add another device link, then indicate the type of device you'll be adding. For our purposes today, I'm going to choose "tablet", because I'm reactivating my account on an iPod touch.
Once you've selected the device type, click Continue.
On the following screen, select iOS for the type of device you're adding, then click Continue.
Duo will check to make sure you have Duo Mobile installed on your new device. When you restored your device from your iCloud or iTunes backup, Duo Mobile was installed as part of that process, so you can click "I have Duo Mobile installed".
Duo will then show a QR code on your computer screen. Now you'll need your device.
The first thing you'll need to do is open the Duo Mobile app on your device.
Next, tap "Reconnect" next to your Duo account in the accounts list.
Duo Mobile will ask for permission to use your camera - tap OK to let Duo use the camera.
After that, Duo will display a screen asking you to either scan a QR code or to enter a code. Tap on Scan QR code.
Your device's camera will activate - point your camera at the QR code on your screen. Duo Mobile will scan the QR code, and then reactivate your account. Now your Duo account is active on your new iOS device, and you can receive push notifications through the Duo Mobile app.