Summary
Multi-factor authentication (MFA) makes accounts more secure by requiring approval via a second method (generally a mobile phone) to log into particular, critical services. Duo is the system by which Mines allows for multi-factor authentication.
Body
WHAT IS MULTI-FACTOR AUTHENTICATION?
Multi-factor authentication (MFA), sometimes called two-factor authentication, requires the use of a physical device in addition to a password when logging into an account. Without both factors – the device and the password – you cannot login. This makes a stolen password alone effectively worthless.
HOW DO DEVICE CHALLENGES WORK?
Users may configure one or more mechanisms to prove that they have the device associated with their account. Once configured any one mechanism is sufficient to authorize a login.
-
Duo Push – An application installed on your mobile device will pop-up a message immediately after you have entered your password. The login process will stall until you press the OK button on the pop-up. Once you have pressed OK the login process completes automatically.
-
Hardware Token – Users who don’t have a mobile device can receive a small hardware token about the size of a USB memory stick that displays a random number. After you have entered your password the webpage or application you are logging into prompts you for the number currently displayed on your token. You can request a free hardware token at https://helpcenter.mines.edu.