Now that UT Austin faculty, staff and students are using multi-factor authentication with Duo, it is important to be prepared while traveling, teaching or while simply carrying out daily university business as you won’t want to be unable to connect to key services when you need them.
You should have a backup plan in the event your primary authentication factor (e.g., your smartphone) is lost, stolen or replaced.
Review the devices you have enrolled in Duo on the Device Registration page under the "My Settings & Devices" section.
(Note if you have enabled automatic Duo Verified Pushes on your device you could trigger a loop - here's the solution to that problem.)
Authentication Options
The Duo Mobile app—available on Apple, Android, Blackberry, and Windows devices—will send you a verified push notification that can be used to authenticate yourself.
If your wearable device is paired with a smartphone with the Duo Mobile app installed, you could authenticate yourself on the wearable.
More specific support also exists for the Apple Watch (https://guide.duo.com/apple-watch).
If your MacBook Pro or MacBook Air has a Touch ID button then you can pair your it with Duo (https://guide.duo.com/touch-id)
Duo can call a pre-defined landline or non-smartphone and you can authenticate yourself by pressing any button.
A hardware token is a device that can either be inserted into your computer to authenticate you or generate a code that can be entered into the Enterprise Authentication page for authentication.
Yubikeys, Google Titan keys, and other compatible tokens are very convenient and worth considering. Yubikeys that have been pre-programmed for the UT Duo environment can be purchased at a significant discount in the Campus Computer Store.
Duo branded hardware tokens are also available from the ITS Service Desk (https://guide.duo.com/tokens).
Recommended Methods for Authentication
Duo can use a number of different factors to best accommodate your work style. Here are some recommended combinations:
Faculty
Faculty who teach should consider using their smartphone as their primary factor and then consider obtaining a Duo branded hardware token from the ITS Service Desk's Walk Up desk on the ground level of Flawn Academic Center. Once added to the Device Registration page, the hardware token can be added to your keychain so that it is less likely to be lost or forgotten.
Staff
Staff members should consider using their smartphone as their primary factor and then consider adding one or more landlines to the Device Registration page.
Staff members operating on campus with limited cell phone coverage should consider a hardware token.
Yubikeys, Google Titan keys, and other compatible tokens are very convenient and worth considering. Yubikeys that have been pre-programmed for the UT Duo environment can be purchased at a significant discount in the Campus Computer Store.
Duo branded hardware tokens are also available from the ITS Service Desk (https://guide.duo.com/tokens).
Students
Students should stick to using their smartphones as their primary factor.
Multi-Factor Authentication Best Practices
- If you are traveling for university business, be sure to take one of those enrolled devices with you on your trip. Note: If you are traveling internationally for University business, be sure to review the International Travel Guidelines to make sure you are following the guidelines for mobile devices.
- In the event you get a new device you can use one of your backup factors to remove your old device and add your new device.
- You can also recover your account from the Duo Mobile App if you want to carry it over to a new device.
- Please see this page for additional multi-factor self-help resources.
- Be aware of targeted "Vishing" (or 'voice phishing') attacks that seek to compromise your multi-factor controls. See our Vishing document for more details.
- Be very suspicious of unexpected Duo Verified Pushes that are sent to your device. Please reach out to the UT Information Security Office (security@utexas.edu) if this happens.