Two-Factor Authentication (Duo)

To enroll in Duo we strongly recommend installing  the Duo Mobile App on your iOS or Android device (e.g. smartphone, tablet). The Duo Mobile app allows for best user experience and should be used by everyone as their primary method of authentication. Follow the instructions in the Knowledge Base article Duo Two-Factor Authentication Self-Enrollment Guide. 

Once you have enrolled in Duo using the Duo Mobile App we recommend setting up a secondary authentication method. There are several to choose from.

Choose "Send Me a Push"

Choose “Send Me a Push” in the Duo Mobile App for the quickest, most user-friendly experience. 

There are several additional methods of Duo authentication. After installing the Duo Mobile app, these secondary authentication methods may be used at times when you do not have access to your mobile device.

• Platform Authentication
• Fido Security Keys, commonly known as YubiKeys
• Phone Call and SMS
  • Please note: Phone calls and SMS text messages may no longer be an option by the end of 2025.    

Platform authentication allows you to log into your laptop or your desktop without the need for access to your phone. For the best user experience, it is strongly recommended to set up Duo Mobile App on your phone first, then use the following as secondary authentication methods.

ChromeOS device

Here are the steps to configure Platform Authentication on a Chromebook:

• Using your Chromebook, log into a UC resource like mail.uc.edu with your normal UC username and password.
• At the Duo prompt select "Other options".
• Select "Manage devices" from the list.
• You must now verify your identity using one of the authentication methods you already have set up such as Duo Push.
• On the device management portal page select "Add a device".
• On the add a device prompt, select "Device Verification", then select continue.
• Now you will be prompted to verify your identity.
  • If the device has biometric such as fingerprint reader, you will be prompted to use that method.
  • If your device does not have biometric you will be prompted to enter the device password. Note this is not your UC password, it is the password that you use to log into the Chromebook.      
• Click Continue and click "Back to Login".
• You will be prompted for your Chrombook password or fingerprint.
• Your device should now be configured to authenticate with Duo.

Apple Mac and iOS device

• Face ID and Touch ID on compatible iOS and iPadOS devices
• Touch ID on compatible macOS devices

Windows

• Windows Hello on compatible Windows devices

Android 

• Android biometrics, such as Pixel fingerprint or facial recognition, or Samsung fingerprint or facial recognition.

A security key is a physical hard token device that plugs into your USB port. When tapped or when the button is pressed, the security key sends a signed response back to Duo to validate your login. Duo uses the WebAuthn authentication standards to interact with your security keys. You may also see WebAuthn referred to as "FIDO2". A common brand name for these security Keys is YubiKey.

Fido Security Keys, commonly known as YubiKeys or Roaming Authenticators

•  FIDO2 security keys

University community members are able to add additional numbers to their Duo account. Duo can call or text these additional phone numbers for authentication. We do not recommend using this method of authentication. By the end of 2025 it is possible this method will no longer be a valid authentication method.