DUO FAQs and Troubleshoot

Two-Factor Authentication (2FA) adds a second level of security during the login process to help prevent anyone other than you from accessing systems storing sensitive data. This is accomplished using 2 layers of security to verify your identity when logging into a system:

Enter your username (your MyMC ID) with your password
Use a physical device such as your cell phone, tablet, or landline phone to confirm your identity

The device that is most convenient for this purpose is a cell phone with the Duo Mobile app installed on it. Alternatively, a text message can be sent with a one-time passcode for you to type in.

MyMC, Microsoft 365 (M365) email, OneDrive, Virtual Private Network (VPN) and other select single sign-on (SSO) applications and online services such as Adobe, IT Service Desk, TMA (facilities), ADAstra, MiniTab, and MC Academic calendar (provided by Dude Solutions).

Once you access an application or service protected by 2FA you will enter your login credentials (username and password) and then be prompted for 2FA.

Duo Push
Offered by the Duo Mobile app installed on your mobile device. When logging to a 2FA protected application you will receive an authentication request on your Duo Mobile app. You will “tap” Approve, or Deny if you are not the one attempting to authenticate. Once you “Approve” you will gain access to the application or system.

Passcode from Duo Mobile app or SMS Passcodes
You may choose “Duo Mobile passcode” from the Duo Mobile app and enter the Passcode to authenticate or choose “Text message passcode” and enter the Passcode you receive via SMS.

Security Keys
Security keys such as, YubiKey, may be used to authenticate. The device is inserted into your USB port and the user “taps” the device to approve the authentication.

Hardware Tokens
Hardware tokens are available to users who do not have a mobile device. Please contact the IT Service Desk as needed.

Yes. It is recommended that you register more than one device, in case you lose the primary one.

Each time you authenticate to a Duo enabled application, i.e. MyMC, M365, or VPN, you will be prompted to authenticate with 2FA. However, you may select the “Yes, trust browser” option to skip Duo authentication for 7 days for the application when you login again with the same browser and device.

Note: Do not trust the browser when using a public or shared computer! This could leave your application/session available to other users.

You can manage your devices by visiting the MC Device Management Portal. The system will prompt you to authenticate first and then you may choose to edit the existing device or add a new device.

The new Duo Universal Prompt is set up to remember your previous authentication method used and will default to that method by automatically sending that method. For example, if your last authentication method was Duo Push, the system will automatically send this same method on future authentications.

To choose a different authentication method, choose “Other options”.

Note: MC has requested from Duo a feature request to not use the automatic default. Once we hear of any updates on this request, we will communicate the changes collegewide.

After entering your username and password, you can authenticate by:

Duo Push
This is the recommended option, offered by the Duo Mobile app installed on your mobile device. When logging to a 2FA protected application you will receive an authentication request on your Duo Mobile app. You will “tap” Approve, or Deny if you are not the one attempting to authenticate. Once you “Approve” you will gain access to the application or system.

Passcode from Duo Mobile app
You may choose “Duo Mobile passcode” from the Duo Mobile app and enter the passcode to authenticate. Note this is a helpful option in cases where you do not have cell reception or WIFI signal.

SMS Passcodes
You may choose “Text message passcode” and enter the passcode you receive via SMS. Note that starting April 2, 2024 this option is not available for VPN users. IT Security is working on phasing out SMS passcodes entirely. These changes will be communicated to all employees and students before the changes are made.

Security Keys
Security keys such as, YubiKey, may be used to authenticate. The device is inserted into your USB port and the user “taps” the device to approve the authentication.

Hardware Token
Hardware tokens are available to users who do not have a mobile device. Please contact the IT Service Desk as needed.

Follow the Duo Push instructions for setup.

Almost none. 500 pushes to your device will use 1 MB of data in total. This is roughly equivalent to loading one webpage on your smartphone.

Contact the IT Service Desk (240) 567-7222 and request a one-time passcode.

Lost or stolen Duo 2FA registered devices need to be removed from Duo as soon as possible. Please notify the IT Service Desk (240) 567-7222 immediately and request they remove the device for you.

No problem. Tap the MC icon in the Duo Mobile app to generate an authentication passcode. You do not need an internet connection or a cellular signal to generate a passcode.

You must register your new device in the MC Device Management Portal. You will need to verify your identity first. Contact the IT Service Desk (240) 567-7222 to receive a one-time passcode to register your phone.

Duo Mobile app – generate a passcode, even without an internet connection. Just tap the MC icon within in the Duo Mobile app to reveal the passcode. This works anywhere, even in places where you don’t have cell service.

You may also use a tablet. You may register multiple devices with your account. If you do not have a mobile device, please stop by one of the Campus IT offices to pickup a Hardware Token.

Takoma Park/Silver Spring Campus – Student Services Center 324
Rockville – Science Center 162
Germantown – Humanities and Social Sciences 020A
East County Education Center – 168

Updating...

DUO FAQs and Troubleshoot

Overview

Authentication Methods

Troubleshooting and Common Issues

Related Services / Offerings (1)

Deleting...