Multi-factor Authentication

Multi-factor Authentication (MFA) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence that can only be known or held by the user. These are generally defined as:

• Something you know (password or Personal Identity Number)
• Something you have (a security token or a smart device)
• Something you are (a facial recognition, swipe pattern or fingerprint)

This approach not only increases the strength of the user authentication process, but also removes the ability of cyber-attackers to steal authentication credentials for resale.

There is more detail in this Pulse article

Duo Mobile is a mobile application (app) that you install on your smartphone or tablet to generate passcodes for login or receive push notifications for easy, one-tap authentication on your mobile device.

No. Duo Mobile has no access to change settings on your phone. Duo Mobile cannot read your emails, it cannot see your browser history, and it requires your permission to send you notifications. Lastly, Duo Mobile cannot remotely wipe your phone.

The visibility Duo Mobile requires is to verify the security of your device, such as OS version, device encryption status, screen lock, etc. We use this to help recommend security improvements to your device and you always are in control of whether or not you take action on these recommendations

Almost none, Duo Push authentication requests require a minimal amount of data -- less than 2KB per authentication.

For example, you would only consume 1 megabyte (MB) of data if you were to authenticate 500 times in a given month.

This is roughly equivalent to loading one webpage on your smartphone.

No. Your password is only verified by your organisation and never sent to Duo.

Duo provides only the second factor, using your enrolled device to verify it’s actually you who is logging in.

Support will be available through UNE IT Support.

UNE's preferred method of authentication is Duo Push.  Staff are encouraged to use their mobile device for MFA to provide a quicker, safer and more secure authentication option (read more about why).

UNE Staff can request a DUO Security token as an alternative to using a mobile device if their smart phone is incompatible or they are unwilling to use their personal device.The security token can be used to generate a One Time Passcode (OTP) which you will need to enter into the login screen when prompted.

You will be required to complete an online request form that will require a valid reason for not using your mobile device and approval from a cost centre approver. Once approved the security token can be collected from UNE campus. When you collect your security token you will be required to validate your identity and your security token will be registered against your user credentials.

There is no charge for the initial issue of an approved DUO Security token.  It is the responsibility of the individual staff to ensure the safety and security of this token.  The tokens are not to be shared between staff members or used for any other purpose.

If you enrol your mobile device after being issued a security token, the security token will be disabled and must be returned to the UNE IT Service Desk for reissuing to another user.

Replacement of Tokens

If the DUO Security token is lost, broken or stolen, there will be a charge for the replacement DUO Security token (currently $30).  The cost of the replacements token will be borne by the individual.

Duo Mobile may use your mobile number in order to authenticate the device during initial set-up. UNE would not use your number for any other purpose.

Duo Mobile Privacy Information

When using MFA for the first time and enrolling your device the Duo Mobile app will use your camera to scan a QR code displayed on the screen.

Please contact IT Support and we can assist you with enrolling your replacement device into our DUO MFA service.

No, having a smartphone makes for an easier and more secure experience with Duo Push.

Read about why Duo Push is the best authentication method

However,  there is an alternative Duo Security Token than can be supplied.  To order your Duo Security Token please complete the Request a Security token for MFA form

You will receive emails in the lead up to the date that you will need to enrol in Duo.

On the enrolment day you will receive an email with a link and easy to follow on screen steps.

Guide to Two-Factor Authentication · Duo Security

If you have a smartphone or or tablet, we recommend Duo Push, as it is quick, easy-to-use, and secure.

Read about why Duo Push is the best authentication method

If you have access to the “My Settings & Devices” link (the self-service portal) at the Duo Prompt and are currently able to authenticate with a device, you may:

Add additional devices

• Designate your “default” device that receives authentication requests in addition to your preferred authentication method
• Deactivate Duo Mobile if you got a new phone but kept your number
• Change the name of your device (ex. “Personal Cell” or “Work Phone”)
• Remove a device

Learn more about managing your devices

Yes the Duo Security Token will still work.  However, the computer that you are trying to access will need to have access to the internet.

When logging in to an application that is protected by Duo, you will still enter your username and password. After inputting your login information, Duo requires you to complete a method of second-factor authentication. Duo does not replace or require you to change your username and password. Think of Duo as a layer of security added to your pre-existing login method.

Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames and passwords.

Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.

DUO works with Microsoft Office 365 but does not work with Office 2016 or Office 2013 without additional technical configuration. Earlier versions of Microsoft Office are not supported.

If you don’t have Office 365 at home, we recommend you claim your free license for up to five Microsoft Office 365 installations at home.  Contact UNE IT Support for more information.

Watch this video Guide to Multi-factor Authentication-Enrolment Guide on our vendors web page to get a feel for the process.

To prevent a criminal from accessing your personal information and UNE's sensitive
information from a lost/stolen phone, a passcode or equivalent is required on the device being used for MFA.

For any questions relating to tax, please seek advice from a qualified tax agent.

Duo does not operate in all countries. If you intend on travelling overseas to any of the countries linked below and require access to your UNE account at the time, please contact our IT Support team.

The list of countries where Duo does not operate can be found here.