How does two-step login work?
Two-step login requires a second factor such as your office or cell phone, a passcode, or a hardware token when authenticating to a service. You still use your password, but in addition to something you know (e.g., your password), the second step requires something you have (e.g., your mobile phone).
An example of two-step login you are likely already familiar with is a bank debit card. It isn’t possible to withdraw money from a bank account using only a PIN (something you know). You must also swipe a card (something you have).
Each time you use your NetID to log into a service that supports two-step login, you will be prompted to complete a second step. Two-step login protects applications that use single-sign on for authentication. It does not apply when logging into non-SSO services (e.g., WordPress), the wired or wireless network, or campus computers.
Two-step login can remember trusted devices. A “remember me” setting allows you to skip the second step for 30 days on a trusted device such as your Lafayette-issued laptop, desktop, or home computer. If you use another browser on the same device, or use a different device, you will be prompted to use two-step login again.
What devices or second factors can I use?
Two-step login supports a number of devices and methods of authentication.
- Push using Duo Mobile on an smartphone or tablet
- Passcode using Duo Mobile
- YubiKey/Universal 2nd Factor (U2F) Token
- Phone call to mobile or landline
What does ITS recommend?
ITS recommends that you use Duo mobile app on your smartphone and use phone callback to your office landline as a secondary option.
If you do not have a cell phone, or prefer not to carry one during the day, consider a U2F hardware token. It can go on a keychain and the cost is minimal. At their discretion, departments may purchase U2F tokens for staff.
Please review the information found on Two Step Login while abroad.
International student or living abroad?
We recommend that DUO Mobile as the primary means of Two-Step Login. The Google Play Store may not be available in some regions. Those with Android devices may need to already install Duo Mobile by other means while in these regions.
Another authentication method for two-step login is phone callback. Note that phone callback does not work with phone numbers having country code +82. Those with devices having that number are still able to use Duo Mobile or SMS passcodes.