Frequently Asked Questions
Here are some of our most-frequently-asked questions about Duo, along with the answers!
Why it's important?
On average 20 Smith user accounts are compromised each month, often through phishing or web surfing. Once a cyber criminal has access to your account they can view your private and confidential information (such as pay stubs or W2s). They can also use your email to try and gain access to your online banking, social media, or other email accounts you may have; they may send phishing messages to your contacts or others, and use your account for sending spam or engage in other illegal activities.
Two-factor authentication adds an extra step to the Smith login process, most commonly tapping an alert on your smartphone, and is the best protection against account compromise. If you use online banking, you probably already use some form of two-factor authentication. Most account compromise attacks come from email messages or web sites, Mac users and Windows users are both equally vulnerable to having your account compromised.
DUO Presentation Slides (PDF)
Do I have to have a smartphone to use Duo?
No! No! It's easiest if you have a phone that can run the Duo app, or receive texts, but in a pinch, you can use a landline, or one of several other options.
I don't remember getting an email about this after signing up. Can I still get to the setup page?
Yes! Once you are enrolled, all you have to do is go to a Single Sign On protected resource, such as portal.smith.edu, and log in. You will then see the Duo startup screen.
What services are covered by Duo?
Any service that uses Smith’s Single Sign On for authentication will also require Duo for authentication once activated. The most common services included are Smith email, Portal and Moodle (our Learning Management System).
What are some of our recommended "Best Practices" for using Duo?
- Do register at least two devices for authentication verification.
- Do confirm or add a registered alternate “home email” address in Banner.
- Do send yourself a set of one-time codes you can keep in a safe yet accessible location.
What happens if I forget/lose/break my mobile phone/tablet?
We strongly recommend that you register at least one additional device (such as a tablet, a landline, a set of one-time codes, or a U2F Token) before something like that happens. You should then be sure to unregister the lost or broken device from your list of authorized devices.
I'm not seeing the option to have Duo remember me for 30 days?
If you have configured Duo to 'automatically send me a push' (or other 'automatic' action), the "remember me" feature isn't available. To change this, you first have to wait until the method you chose times out waiting for your response. Then click on the Settings & Devices link. Verify it's you, and then change "When I log in:" to "Ask me to choose an authentication method." Once you have done this, the "Remember me for 30 days" check box will appear.
I want to add another device (or change my settings), but I selected "Remember me for 30 days." How do I do it?
The "Remember me" option is tied to a specific browser on one computer. You can open a different browser and/or log into shibboleth on a different device, which will require you to authenticate; you should then be able to access the settings for your Duo account from the menu options on the left side of the Duo screen.
I click "Send Me a Push" but it's not showing up on my phone?
Check your phone’s settings to be sure that alerts are enabled for the Duo application. Also, try actually launching the Duo app to be sure that the push request is reaching your phone.
How do I get a list of One Time authentications codes?
You can select "Enter a passcode" which will text you a list of 5 new codes to your phone. Copy the codes to some place that is both safe and accessible to you, so you have them. Options include printing them, then putting the printout in your wallet or purse, add them to secure storage such as a password manager application, or copying the list of codes to your alternate email address. View Instructions
What happens if I'm away from all my registered devices?
If you’re out of options to authenticate -- your phone is back in your room, your codes are in your car, and you’re not at your registered land line, there is one additional option: you can contact the ITS Service Center 413-585-4487 during normal business hours. Once you have verified your identity to them over the phone, they can generate a short term one-time code that you can use to verify your authentication. This temporary code expires in an hour after being issue.
I'm travelling abroad and won't be able to use cell service, what are my options?
- Use a passcode from your list of one-time codes you printed and stuck in your wallet or purse.
- You don't need cell service to get a code from the app on your smartphone. Locate and open the app on your phone, tap the key button to the right of Smith College. A one time code will appear for your use.
- Before you leave, stop by the IT Service Center in Stoddard Hall 203 and pick up a U2F Token. or purchase a U2F token. Register the token as a new device, it is fast, easy, and does not require a push, text or callback for verification.
- If you’re stuck and don’t have other options, contact the IT Service Center during business hours 413-585-4487 they can give you a temporary passcode that is good for 1 hour.
I log into multiple accounts at the same time, can I still do this using Duo?
Some users are able to log in to multiple accounts in the same browser, such as your Smith email account and also your personal Goolge account if you have one. This is no longer supported by Google. We recommend that you use different browsers for separate accounts; for example, use Chrome when accessing your Smith account, and Firefox when accessing your personal account
I have proxy access to another account from my individual account. Will Duo affect my ability to have proxy access?
I am using Microsoft Internet Explorer and the screen does not display correctly.
For the best results we do not recommend using Internet Explorer's Compatibility View with Duo authentication. You may be able to turn off Compatibility View yourself.
From the Address bar: If the Compatibility View button displays (broken page icon)in the Address bar to the right of the page address, you can click the button to exit Compatibility mode.
From the Internet Explorer Tools Menu: In the Internet Explorer browser window press the Alt key to display the menu bar. Navigate to Tools → Compatibility View settings and make one or more of the following changes:
- Remove the website where you use Duo authentication from the "Websites you've added to Compatibility View"
- Uncheck the "Display all websites in Compatibility View" option if present and enabled.
- Uncheck the "Display intranet sites in Compatibility View" option.
Click the Close button to save your changes.
What is a U2F Token? Where can get one? How do I use it?
A U2F (Universal 2nd Factor) token is a small USB device that you plug into your computers USB port to authenticate to Duo. These can be picked up at the IT Service Center in Stoddard Hall 203 or purchased from the Smith College Computer Store. Here are instruction on to use it as a additional authentication device.