I forgot to bring my mobile device or token to work. What do I need to do?

If you have an alternate authentication method (such as your desk landline or hardware token), please use that, otherwise please contact the OIT Help Desk for a temporary bypass code.

Logging in with a two-step bypass code

After receiving a bypass code from the Help Desk for a lost device, please follow the steps below to use this code as your two-step login method. You may use this token to enroll a new device if you have an available replacement.

1. 1. Navigate to the service you are trying to login to, such as Rutgers Connect or the MyRutgers portal. Enter your NetID and Password when prompted.
   2. To choose a different device or Duo method than the one shown automatically, click Other options. This takes you to a list of all your available Duo authentication options. Select the option for I have a bypass code.
      
           
           
      
      
   3. Enter the provided bypass code you received. Then press Verify.
      
         
      
      
   4. You should be successfully logged into the desired service, you may also use the bypass code to enroll a new device and remove old devices.

My hardware token doesn't work or needs to be resynced, what do I need to do?

If your token is not working it may need to be resynced, please follow the steps below to reenable your token.

1. 1. Login to the Two-factor authentication set-up and management page.
           Note: a popup may appear prompting you to authenticate with two-step, you can close this popup.
   2. Click Resync Hardware Token at the bottom left of the left menu.
      
           
   3. Select the appropriate serial number of your token (if you have more than one), then enter 3 sequential codes and click Resync Hardware Token.
           Note: There is a 10-30 second wait before a new pin can be generated, depending on your token model.
      
           
      
      
   4. You should receive the confirmation You have successfully synced your hardware token if successful. If not please try step 3 again, and if you experience further issues please contact the OIT Help Desk.
      
           

If my hardware token is lost or stolen, what do I need to do?

Please contact the OIT Help Desk to initiate a request for a replacement and request a bypass code if needed. If you have an alternate device setup for two-step, please use that device to remove the hardware token from your account.

Can I use two-step login without internet/cell service?

The Duo mobile app can generate passcodes on Android and iOS without needing access to the internet, they can be entered on the two-step prompt as indicated below. The hardware token will also function without issue.

   

Can I use two-step when traveling internationally?

You can use two-step while traveling abroad. All authentication methods are available internationally, though some require internet or cell service. When cellular service or internet access is not available, the mobile push, call, and SMS options will not be available to your device. In this case, you can still use the Duo mobile passcodes as indicated above, a hardware token or a security key if you have one. 

What are some of the common support issues?

View Duo's troubleshooting guide for more assistance.

Automatic push issues

If the prompt is set to do a push notification to your device automatically and you are trying to use another authentication method or you are trying to add a new device, you must first click Other options before proceeding, then choose an alternate available method to verify.

     
     

Remember Me issues

The first time you approve the Duo authentication request, you'll see the option to confirm the device is yours. This creates a trusted browser session that will let you skip Duo two-factor authentication when you log in again with the same browser and device until that trust session expires. You are still required to authenticate with your NetID and Password each time and your remembered device acts as a confirmation of your identity. Please note that this feature is a browser specific and not shared between different browsers. For example if you login with Chrome today and use Firefox later, it will ask you to authenticate again.

Do not select that this is your device when using a public or shared computer! This could leave your Duo session available to other users. Trust the browser only when you access applications from your own computer. Clicking on No, other people use this device will not create a trust session. You won't be asked to trust that device again for 14 days.

The Remember Me feature relies on cookies and when enabled correctly, you will not be asked to complete two-factor authentication the next time you are on the same browser. Please be aware of the following restrictions that can impact Remember Me feature and adjust your settings as necessary:

Chrome incognito does not provide support for Remember Me as cookies are cleared at the end of the session.

Internet Explorer has a “Delete browsing history on exit” in its General setting. If this is enabled, the Remember Me feature will not work.

Some browsers may have restricted security settings to only allow cookies from authorized sites. If so, please add add “duosecurity.com” as a trusted site.

Two-step integration form for non-web services

To integrate two-step (Duo) with a non-web service, please fill out the access request form.

More Frequently Asked Questions

Please see our two-step login FAQ page for a list of more frequently asked questions and answers.

Who do I need to contact if I need any help?

For any additional assistance, please contact the OIT Help Desk.