MFA

New DUO Universal Prompt

DUO is ending support for their traditional prompt on March 30, 2024.

WTS will be enabling the New DUO universal prompt on February 25, 2024.

Traditional Prompt

Screen shot of the DUO traditional prompt.

Universal Prompt

Screen shot of the new DUO Universal prompt.

Once WTS enables the new Universal prompt, DUO Push will be the default prompt for most DUO enabled applications on campus.

If DUO Push was not your default setting prior to this change, the first time you log into an application that requires DUO, you will need to choose "Other options" and then choose your preferred authentication method.  DUO Push is the recommended authentication method.

Note: Once WTS has enabled the new Universal Prompt, your default DUO device settings are no longer applicable.

What is MFA?

Multi-Factor Authentication (MFA) is an authentication method in which a user is granted access only after successfully presenting two or more pieces of evidence to prove their identity. Duo Security is being used to secure MFA enabled services at Western University.

Why Do I Need This?

Passwords alone aren't enough anymore, that's why Western is introducing Multi-Factor Authentication (MFA). Passwords can often be stolen, guessed, or compromised — you might not even know someone is accessing your account. Multi‐factor authentication adds a second layer of security, keeping your account secure even if your password is compromised. 

How Does It Work?

MFA provides you with the best level of security,it's fast and easy to use. When you log into an MFA protected site, service or application, such as Office 365, you will enter your User ID and password as you normally do and you will use a secondary factor as well. MFA adds a second layer of protection by combining something you know (your password) with something you have (your phone, or security token) to verify your identity. This combination will prevent someone else from gaining access to your account, even if they have compromised your password.

Once you have set up your Duo Security profile you are ready to go. You will login as usual with your User ID and password, and then use your device to verify that it's you. This can be done via SMS, voice call, one time passcode, the Duo Mobile smartphone app, and so on.

No mobile phone? You can also use a landline or tablet, or obtain a hardware token. Duo lets you link multiple devices to your account, so you can use your mobile phone and a landline, a landline and a hardware token, two different mobile devices, etc

Western Recommends
The vast majority of consumers who have MFA enabled on a service use their mobile device and the mobile Duo app. This method is by far the easiest and most convenient option for most people (in fact, most end up using this method even after choosing a different one initially).  Western recommends this method as the default second factor.  The mobile app is able to work even when the mobile device is offline (please see documentation for how this works).

 


Published on  and maintained in Cascade.