University of Alberta

Login Sign up

Duo MFA Frequently Asked Questions (FAQ)

Modified on: Thu, 26 Oct 2023 2:04 PM

Introduction

This article provides information on common questions regarding the University of Alberta’s Multi-factor Authentication service Duo MFA. Multi-factor Authentication (MFA) is a form of authentication that requires two or more verification methods to access a resource, application, online account, or a VPN.


Applicability

Duo MFA has been enabled for some services and some CCID holders within the University of Alberta domain. Eligible users will encounter a second authentication step to verify their identity when logging in to PeopleSoft, the Identity Management System, and other participating web based applications secured with Duo MFA, with more applications being added. This article is intended for anyone using or supporting Duo MFA. 

Duo MFA eligible users will receive email communications when their account is created. If you have not received any such emails, you are not eligible for Duo MFA at this time.


Details

Other Duo MFA Resources

FAQs

  • What applications require me to authenticate with Duo MFA?
    • Currently Duo MFA is required for PeopleSoft applications (Campus Solutions, Human Capital Management, Finance, and Bear Tracks), the Identity & Access Management (IAM) system, also known as IdentityIQ, the MyCCID website and some VPN and RDP contexts. Duo MFA will be required for Google Workspace apps (Gmail, Drive, Calendar, Docs, etc.) as of July 4th. In the future all VPN access will require Duo MFA, along with additional applications and services added over time.
  • What kind of device can I use with Duo MFA? 
    • The University of Alberta implementation of Due MFA uses the Duo Mobile MFA app for multi factor authentication. You will need either an iOS 14.0 (or greater) or Android 10.0 (or greater) device that supports the Duo Mobile MFA app. See Installing the Duo Mobile MFA app on your mobile device for more information. Alternatively, you can request a Duo MFA fob, which will generate passcodes that allow you to log in. Please follow the instructions in your enrolment email to request a fob.
  • I don't use my mobile phone to access Peoplesoft or for work, do I still need to install Duo Mobile MFA on my device?
    • Your mobile device is used as an extra authentication method when you log in to a Duo MFA protected application from ANY computer or device. You will need a supported mobile device with the Duo Mobile MFA app installed on it or a Duo MFA fob to access U of A applications secured with Duo MFA.
  • Why am I being asked to use Duo MFA to authenticate when logging in to Google Workspace Apps (Gmail, Drive, Calendar, etc), even though I've already done so within the past 14 days?
    • When logging in to Google Workspace Apps, your security token is kept active for 14 days by default. However, you may be asked to authenticate again in certain circumstances:
      • If you log in via a different web browser or device, you will need to authenticate again, as each browser/device keeps a separate token.
      • If you use the top-right menu in Google to 'Sign out' of your account, your token will be cleared from the browser/device you were logged in on.
      • Your browser/device may be configured to clear its cache automatically when you close it, which generally clears any tokens as well. This would force you to authenticate every time you reopen it.
  • I don't have the "Send me a push" option in the Duo MFA web interface, and I don't have a passcode to log in with.
  • I temporarily don’t have access to the device I use with Duo MFA and can’t log in.
    • Contact IST and request Duo MFA bypass codes. After verifying your identity, IST can provide you with codes that can be used to login to Duo MFA while you don't have access to your device.
  • The device I use with Duo MFA was reset, lost, stolen, or replaced and I can’t log in, what should I do?
    • Contact IST and request to have your device removed from your Duo account. Once your device(s) has been removed, you will be prompted to set up a device the next time you log in to a Duo MFA protected application. IST can also provide you passcodes which can be used to login until your device is replaced or fixed. 
  • I have stopped receiving push notifications in the Duo Mobile MFA app.
    • Please follow the troubleshooting steps found here. If you are still not receiving notifications after following these steps, please refer to your devices manufacturer for support.
  • I can’t find or I am not able to install the Duo Mobile MFA app from the App Store on my device.
    • Duo Mobile MFA is available for iOS devices running iOS 14.0 and greater and Android devices running Android 10.0 and greater. If you do not see the app in your app store, or you get the message that your device doesn't support the app, then you can't use that device with Duo Mobile MFA. If you do not have access to a supported mobile device, we recommend that you speak with your manager about requesting a Duo MFA fob. See Installing the Duo Mobile MFA app on your mobile device for more information and direct links to the Duo Mobile MFA app in the app stores.
  • I’m getting notifications in the Duo Mobile MFA app that my device or browser is out of date.
    • Duo Mobile MFA helps keep your information secure by checking your software to ensure it’s up to date. In most cases Duo Mobile MFA should provide you with instructions on how to update your software, but if you have any questions or concerns please contact IST.
  • I got locked out of Duo MFA from too many failed login attempts, what should I do?
    • After 10 failed login attempts, your Duo MFA account will be locked for 10 minutes, after which you will be able to login again. If you continue to have issues logging in with Duo MFA, please contact IST
  • I thought my Samsung device was encrypted, but the Duo Mobile MFA app is saying that my device is not encrypted and I can’t use it with Duo MFA.
Was this answer helpful?