Skip to end of metadata
Go to start of metadata

Setup Walkthrough

Step 1: Configure DUO Authentication

Step 2: Check the Instructions for a DUO-Enabled Service

VCU Services for which DUO is Mandatory:
VCU Services for which DUO is Available (at a system owner's discretion):

Step 3: Log In to the Chosen Service in accordance with the Instructions

Two-Factor Authentication at VCU

DUO is a two-factor software product by Duo Security.  It is made available as a series of modules, or plug-ins, that can be integrated into various other software products.

When you're using a VCU application or system that has been configured to require two-factor authentication, you will open the application or connect to the system just as you normally would.  You'll verify your first factor (often a password) just as you have in the past.  You will then be presented with a DUO interface to verify your second factor (or to enroll in DUO if you have not already done so).

In order to utilize two-factor authentication, you have to configure DUO so that it knows how to authenticate you, just like you'd have to establish a password for the first time on a new account.

Please see the links to the right to get started with the different options for DUO.


"What is Two-Factor Authentication?"

In a traditional authentication model, you are asked to verify your alleged identity (often a username) by providing something that only you should know (often a password).  In this model, the password would be your first and only authentication factor.

Unfortunately, this model has some serious weaknesses when it comes to technology in the twenty-first century.  For the first few decades of computing history, a single factor was considered adequate to prove a person's identity- computers were often so slow that guessing somebody's password randomly (called brute forcing in industry parlance) was too time-consuming to be feasible.  Now, with the advent of faster computers, to say nothing of the increased impact of programming errors, social engineering attacks, et cetera as computers have become a part of most people's daily lives, this single factor system has become woefully inadequate.

The reasonable solution, then, is to require additional authenticating factors on top of the first, in order to prove your identity.  You've likely already been doing this for years without realizing it: at the bank, when you start a new job, when you apply for a passport or a drivers license, and in many other situations besides.  In those cases, you're simply asked to provide multiple forms of validation for your identity.  Two-factor authentication, in a technology context, is no different.  In addition to the thing that only you should know- your first factor such as a password- you will also be asked to provide something that only you should have, like access to your cell phone or key ring.  This second thing is your second factor.

So, in short, two-factor authentication is a way of proving your identity where you're required to provide something that only you should have, in addition to something that only you should know.

Select one of the following use cases to start using your new Two Factor authentication

  • No labels