“MFA helps protect you by adding an additional layer of security, making it harder for bad guys to login as if they were you. Your information is safer because thieves would need to steal both your password and your phone.” - NIST Back to Basic
Learn more about how to use Duo Security and MFA.
MFA serves as an extra layer of security that not only requires a username and password, but uses a second source of validation, like a phone or token, to authenticate user identity before access is granted.
To help keep our users and data safe, the campus utilizes Duo's MFA solution.
MFA protects against phishing, social engineering, and password brute force attacks and secures the login from attackers exploiting weak or stolen credentials. Use of MFA will:
- Strengthen security of SDSU authentication methods and access to data;
- Increase compliance with IT Security standards; and
- Simplify the use of MFA through the use of Duo (easy to install and supported on mobile devices).
Yes. Duo Mobile is free to download in the Apple Store, Google Play Store, and Windows App Store.
Duo is enabled for G Suite. When you log into your G Suite account, you will be asked to authenticate using your Duo enrolled device.
Phone numbers provided for Duo MFA are stored by the Duo Security vendor. They are not used by or transmitted to any other SDSU service or system. See Duo's General Privacy Notice for more information on their privacy policies.
The Passcode via Duo Mobile App option works without a data plan, text plan, or even a connection. The app can generate the required code without the need of either a telephone signal or data plan, and it can do so anywhere in the world.
No. Duo provides a great deal of flexibility and you do not need a smartphone to use it. Duo can send a text message to a regular cell phone or place a phone call to your basic cell phone or landline phone.
If you don’t have a cell phone, you can use a tablet, your landline phone, or hardware token to MFA. When using a landline, you will receive an automated phone call that requires you to hit 1 to confirm your identity. The hardware token will generate a passcode that you enter into the ‘Enter a Passcode’ field on the Duo Authentication page.
Review the Device Overview and Recommendations page to determine which authentication method works best for you.
Phone calls and text messages are also sent to select non-US phone numbers. To avoid high roaming charges when out of the country, you can utilize the Duo Mobile App - Passcode functionality, as it does not rely on cellular service to generate passcodes. If that is not an option, a batch of 10 passcodes via text message (SMS) can be sent ahead of your travels. You can also use a hardware token to generate passcodes.
In addition, SDSU's current plan with Duo Security allows each user to utilize telephony credits per phone call and/or text message, which can be used for international travel. SDSU accounts come with a monthly credit allowance, which covers basic telephony, but users can also purchase backup credits to ensure that you have enough. For more information please view the telephony rate card on Duo Security's site.