Skip to main content

Two-step login (also known as two-step login with Duo) provides enhanced protection for your Rutgers account and information by using a smartphone or other device to confirm your identity. This prevents anyone but you from accessing your account, even if your password has been compromised.

Link to this Answer

Using two-step login protects your information and makes the university more secure. Two-step login protects personal data, such as direct deposit information and social security numbers, as well as sensitive university data. By using two-step login, you’re protecting yourself and the university from hacking, phishing, and other cyber-attacks.

Link to this Answer

Duo Security is the provider of two-step login at the university.

Link to this Answer

Duo Security is the leading providing of two-step login in higher education. Two-step login is a requirement for accessing university resources at Harvard, Indiana, MIT, and Penn State, among many other institutions.

Link to this Answer

Any active Rutgers employees. It is also available for Rutgers’ guests and students.

Link to this Answer

Use your device’s app store for Duo Mobile Application download.

Link to this Answer

It is recommended if you frequently use the “Send me a Push” option for authenticating using DUO. Also, you will immediately know if someone other than you is trying to login using your credentials, in which case you can report a fraud.

Link to this Answer

Yes. You will need it to scan the activation code while activating your device for DUO via NetID Management.

Link to this Answer

As outlined in below, the mobile app (with a smartphone or tablet) is the preferred method:

iPhones, iPads, Android devices, Blackberry devices, Windows phones, cell phones, landlines, and hardware tokens are all supported devices.

Link to this Answer

Duo Mobile passcodes: These are one time-use passcodes generated by the Duo Mobile application. They can be generated by tapping the key button. You can use this code as your two-step login with Duo on all services.

SMS passcodes: These are sent to your device via an SMS text message. When you request these codes, you will receive 10 codes. SMS codes are single-use and must be used in the order in which they are listed.

Bypass codes: These are generated from the Duo Administration Service. Rutgers OIT Help Desk can provide these codes based on user needs. Once provided to you, you may print and save them in a secure location. Each bypass code is good for a single use for a specific duration set by the Help Desk. You can use these codes to authenticate with your two-step login with Duo on all services .

Link to this Answer

It is your choice. Please note that the push method requires that you have a network connection on your smartphone/tablet. Your smartphone/tablet will need a Wi-Fi or data plan for the push to work. In case you do not have a network connection, please use passcode to authenticate.

Link to this Answer

Setting up two-step login takes about five minutes. To sign up, visit the two-step login sign-up page from a computer.

Link to this Answer

You will need to have access to a computer to sign up. If enrolling a mobile device, please have that device available.

Link to this Answer

Once enrolled in two-step login, you will verify your identity via your mobile device or another method after entering your NetID and password. Watch the video.

Link to this Answer

If you use two-step authentication with Duo, you will be notified via one of the authentication methods provided by Duo Security. You can either approve the request or report it as fraud with a click of a button. If you use the “Call Me” feature, pressing the “0” key will reject the authentication request and will report it as fraud.

Link to this Answer

You are strongly encouraged to enroll more than one method of verifying your identity, just in case your primary device (i.e., a smartphone or tablet) is not available. You can use any device enrolled with two-step login to verify your identity. This is also referred to as having a Lifeline.

Link to this Answer

A hardware token is a special physical security device used confirm your identity with two-step login. Learn how to get a hardware token.

Duo supports any OATH HOTP-compatible tokens which are available to Rutgers employees. YubiKey USB tokens are also supported and will be considered available to employees in the future.

Link to this Answer

Sponsors can order hardware tokens for their guests.

Link to this Answer

No, current SafeNet or RSA tokens are not compatible with two-step login with Duo.

Link to this Answer

Duo hardware token have an expected battery lifetime of 2 years.

Link to this Answer

When logging in to a webpage or application requiring two-step login, choose the Enter a Passcode option and then press the button on your hardware token to generate a new passcode. Then type the passcode into the space provided on your screen to log in.

Link to this Answer

When authentication is requested, you will receive a phone call and you will have the option to either accept authentication by pressing “1” on your keypad. If you would like to decline, you can press “0” . You can use phone callback with any landline or any phone you have registered.

Link to this Answer

Yes, you can use either the “Call Me” authentication method available for non-smart phone or SMS passcodes. Please note that these methods are the least cost effective methods and are not recommended if you can use other authentication methods.

Link to this Answer

You’re able to generate passcodes to use to verify your identity. After successful authentication using NetID and password, you will see the Duo two-factor authentication page. Click on the “Enter a Passcode” button. You will see “Text me new codes” button appear on bottom right corner of the screen. Click it. You will receive SMS Passcodes on your mobile phone. Enter any one of these passcodes in the provided text box for passcode and click the “Log in” button. SMS text messages and voice call authentications made to your  mobile phone are billed by your carrier in the same way that any other text message or call would. Rutgers will not reimburse you for these charges.

Link to this Answer

When you login with two-step authentication you may select the “Remember me for 30 days” option. This option means that after you authenticate once, you will be able to access CAS protected web applications without having to authenticate again through 2-factor authentication for 30 days. You are still required to authenticate with your NetID and Password and your remembered device acts as a second factor. Please note that the “Remember me for 30 days” feature is a browser specific and not shared between different browsers. For example if you login with Chrome today and use Firefox later, it will ask you to authenticate again. See also troubleshooting if you experience any issues with this feature. rememberme

Link to this Answer

Two-step login with Duo authentication with “Remember Me” feature enabled still secures your method of authentication. Someone would need to get both your NetID/password AND access to your device in order to compromise your credential. When you login with with “Remember Me” feature enabled, your device becomes your two-step authentication method and is fully logged for auditing.

Link to this Answer

If you did not enable “Remember me for 30 days”, your session with two-step login with Duo is integrated with Rutgers’ current Single Sign-On (SSO) authentication solution. Generally, once logged-in with Duo, there is 8 hours of an active SSO session without the need to re-authenticate again. However, there could be some exceptions based on a web application’s session policy and web browser implementations. Also, if you close your web browser and then open a new web browser, you will be prompted to authenticate to establish a new SSO session.

Link to this Answer

If you lost your device or do not have it available for two-step login, contact your department’s IT staff or the Office of Information Technology Help Desk. The OIT Help Desk can provide you with a temporary bypass code that you can use until your device becomes available or you establish a new device.To avoid this situation, please enroll more than one device or method for verifying your identity.

Link to this Answer

Yes, you can use Duo two-step login when traveling abroad. All available authentication methods should work. If cellular service or internet access are not available, the “mobile push” method will not be available from your device. In this case, you can still use SMS passcodes or a hardware token. Note that you’re able to request ten one-time use passcodes to be sent by text message before you travel. You can also request a bypass code from the Office of Information Technology Help Desk. Learn about obtaining a bypass code before you travel.

Link to this Answer

In the absence of network or cellular connectivity, the push method will not work, but your device will continue to generate Duo passcodes . Alternatively you can also use a hardware token.

Link to this Answer

You are strongly encouraged to enroll more than one device such as a smartphone and tablet to avoid difficulties authenticating if your primary device is not available. If you do not have a secondary device, you will need to contact the Rutgers OIT Help Desk. You will be provided with a temporary bypass code. You can use this code for a specific period of time based on your need.

Link to this Answer

New device, same number:

  • Still have old device:
    • Log into the NetID Application Management Tool.
    • Click on Manage NetID+ Two Factor Authentication and login with your NetID and password.
    • Click on My Settings & Devices and use “Send Me a Push” authentication method with your old device.
    • Click on Device Options for your mobile device.
    • Click on Reactivate Duo Mobile and follow instructions to use with your new device.
  • Do not have access to old device:
    • Log into the NetID Application Management Tool.
    • Click on Manage NetID+ Two Factor Authentication and login with your NetID and password.
    • Click on My Settings & Devices and choose either “Call Me” or Enter a Passcode”.
    • Click on the Device Options of your mobile device.
    • Click on Reactivate Duo Mobile and follow instructions to use with your mobile device.

New device, new number:

  • Still have old device:
    • Log into the NetID Application Management Tool.
    • Click on Manage NetID+ Two Factor Authentication and login with your NetID and password.
    • Click on My Settings & Devices and use “Send Me a Push” authentication method with your old device.
    • Click on Device Options for your mobile device.
    • Click on Reactivate Duo Mobile and follow instructions to use with your new device.
  • Do not have access to the old device and do not have a secondary registered device:
    • You will need to call Rutgers OIT Help Desk at (833) OIT-HELP to remove the old device from your Duo Security account. The Help Desk will provide you with a bypass code which you can use to register your new device.
Link to this Answer

If you removed the Duo App from your device by a mistake, you can not use the “Send Me a Push” authentication method. You will need to reinstall the Duo mobile app and reactivate your Duo Mobile device:

  • Log into the NetID Application Management Tool.
  • Click on Manage NetID+ Two Factor Authentication and login with your NetID and password.
  • Click on My Settings & Devices and choose either “Call Me” or Enter a Passcode”.
  • Click on the Device Options of your mobile device.
  • Click on Reactivate Duo Mobile and follow instructions to use with your mobile device.

reactivatemobile

Link to this Answer

You can contact the the OIT Help Desk at (833) OIT-HELP to initiate a request for a token replacement. The Help Desk will initiate a request on your behalf to the Software Portal Support. Someone from the Software Portal Support team will contact you with instructions to request a new token.

Link to this Answer
  • Lost token.
  • Battery token is dead.
  • Token is damaged and you cannot read the digits displayed.
  • Button is not working.
Link to this Answer

You can use the self-service tool to re-sync your hardware token. Please follow the instructions here. If you are unable to use the self-service tool, you can contact the OIT Help Desk at (833) OIT-HELP and request your hardware token re-synced .

Link to this Answer

Please view how-to articles for more information.

Link to this Answer

For assistance, please reach out to your department’s IT staff or the Office of Information Technology Help Desk.

Link to this Answer

Enrolling in two-step login provides you with the protection for your account for the services that require additional security such as VPN, to fully protect your NetID account when signing to Rutgers Web applications, you will also need to opt-in by visiting the opt-in instructions . This process is known as NetID+.

Link to this Answer