William & Mary

Duo Brings Two-Factor Authentication for Added Security

How Duo adds extra security to your accounts.As technology advances and the methods hackers use become more sophisticated, so must the strategies we use to keep our accounts safe. For that reason, William & Mary IT is working to employ Duo, a two-factor authentication system that will bring an extra layer of security for William & Mary accounts.

Two-factor authentication refers to the system of using two pieces of identification to log in to an account. You may have already seen it offered to you to protect your accounts on websites like Facebook or Google. Many banks also employ two-factor authentication.  

One piece of identification would be your W&M credentials (as usual). The other piece of identification could be a code sent to your phone or some other task you have to complete to prove your identity. As Duo Security, the company behind Duo, describes it on their website, “Password + Proof = Access.”

Using Duo will add an extra layer of security to your account. Even if someone learns your password, they won’t be able to log in without also having access to your phone or another device of yours. It’s a great security tool, especially because threats from phishing are on the rise and the risks of a breach are ever-present. 

Duo will be used on a variety of W&M systems. It has already been employed successfully on W&M’s Global Protect VPN (Virtual Private Network). The VPN allows students, faculty, and staff to securely sign-on to the W&M network while away from campus. Banner 9, the upgraded version of Banner that is being implemented this year, also uses two-factor authentication through Duo.

IT’s Director of Infrastructure Services Pete Kellogg said that they currently are evaluating what other systems might benefit from two-factor authentication down the line. “Any systems that are sensitive or contain sensitive information, we will consider for two-factor authentication,” Kellogg explained.

Though most users of Duo will probably find it most convenient to install the Duo App on their smartphone to enable two-factor authentication, there are also other options. “If you don’t have a cell phone, or if you don’t have a smartphone, it can still call your landline number,” Kellogg said. When you make your Duo account, you will be asked if you would like to set it up through a mobile phone, tablet, or landline. You can also register multiple devices and numbers if you wish to do so.

For more information about enrolling in Duo, check-out IT's Duo website.

If you do choose to use the Duo App, you can also prepare in advance if you know you will be away from your phone for a period of time. There is the option when you log in for the app to send you ten codes at once, which you can then screenshot or write down to use later. You are also still able to log in through Duo even if you find yourself without mobile service and/or wireless access. There is an option in the Duo App for it to generate a passcode (even while you are disconnected from service and wireless) that you can enter at your login.

“More and more universities are moving towards two-factor authentication,” said Kellogg. For those working with sensitive information, two-factor authentication is a great way to make accounts as secure as possible.

In the future, perhaps every virtual account you make or have will require two-factor authentication. For now, select W&M systems will do so. Fortunately, Duo is an easy-to-use system that allows even those entirely new to two-factor to comfortably set it up and incorporate it into their logins.