Duo - Two-Factor Authentication (2FA) - Getting Started

Duo Logo

Duo Security two-factor authentication adds a second layer of security to your NDUS/UND accounts. Verifying your identity with a second factor, like your phone or authentication device, prevents unauthorized access even with your password.

After enrolling an authentication device, you can verify via push notification, voice call, USB Security Key, or single-use passcode from a hardware token.

Helpful Information

Tips

Enroll Multiple Devices

International Travel Precautions

Common Issues

I'm getting an error saying my account is locked

  • If you fail to authenticate for any reason 10 times in a row, you will see "Your account has been locked out due to excessive authentication failures. Please contact your administrator."
  • Please contact UND Tech Support to unlock your account.

I have stopped receiving push notifications on Duo Mobile

  1.  Try turning the phone to airplane mode and back to normal operating mode again if there is a reliable internet connection available. Similarly, the issue may be resolved by turning off the WiFi connection on your device and using the cellular data connection.
  2. Check the time and date on your phone and make sure they are correct. If the date and time on your phone are manually set, try changing your device's configuration to sync the date and time automatically with the network.
  3. Restart the device.
  • If the push method does not work, try the call me, passcode, or security key option to avoid being locked out. If none of the methods work, contact UND Tech Support

Duo Prompt does not display as expected

  • iOS and macOS devices have configurable content restrictions that can potentially prevent the Duo Prompt from displaying correctly. Users might see a gray or white screen, or get the message, "You cannot browse this page at " duo.com " because it is restricted". Or "This site can't be reached".

My phone does not ring when Duo calls me

  • Check your blocked calls list for this number: 1(701)239-6697

Windows Duo screen shows "500 Internal Server Error"

  • Many times, this error occurs due to the use of McAfee Antivirus or McAfee WebAdvisor. Disabling or removing the McAfee software should allow the Duo window to pop up again.

I recently had a name change and now cannot log in

  • Because a username change creates a new login, you will have to re-enroll in Duo. Please contact UND Tech Support

Duo prompt displays the message "Access denied. Duo Security does not provide services in your current location"

  • In order to comply with U.S. regulations, Duo blocks authentications from users whose IP address originates in a country or region subject to economic and trade sanctions enforced by the U.S. Office of Foreign Assets Control .
  • Users attempting to authenticate to a Duo-protected application from an access device with an IP address originating in an OFAC-regulated country or region will be blocked from completing their login and receive an error message.
  • Web-based applications will display the following error message: “Access denied. Duo Security does not provide services in your current location.” Other applications may display a generic failed login message.
  • OFAC restrictions relevant to Duo currently apply to the following countries or regions:
    • Cuba (CU)
    • North Korea (KP)
    • Iran (IR)
    • Sudan (SD)
    • Syria (SY)
    • Crimea region (43)
    • Donetsk region (14)
    • Luhansk region (09)
    • Sevastopol region (40)
  • If you have questions about OFAC restrictions or request an exception, please work directly with the Office of Foreign Assets Control .

Common Questions

Do I need a smartphone or data plan to use two-factor authentication?

  • No. Having a smartphone makes for an easier and more secure experience with Duo Push. However, it is also possible to enroll a non-smartphone mobile device or landline to receive SMS passcodes or phone calls.

What devices are supported?

  • iPhone/iPad: The current version of Duo Mobile supports iOS 14.0 and greater
  • Apple Watch: Requires Duo Mobile 3.8 or later
  • Android: The current version of Duo Mobile supports Android 10 and greater
  • Any cell phone or landline using the Call Me feature
  • Yubikey
  • Hardware Token

What happens if I lose my phone, get a new one, or change my number?

  • If you've lost your phone, and fear someone might use it to gain access to one of your accounts, contact UND Tech Support immediately to change your password and update your authentication device.
  • You can add, remove, or reactivate devices from any Duo prompt screen. More information.
  • If you don't have another device enrolled with Duo, UIT will need to manually update the info and enroll/reactivate Duo for you. To protect your account and ensure others can't add their own device to your Duo account, you will need to call UIT and verify your ID before we can manually update your information. Call 701.777.2222 24/7 to update your Duo info.

Can I opt-out of using Duo on my UND accounts

  • No. Duo is required for all North Dakota University System accounts across the state.

Which UND systems are protected by Duo?

  • Campus Connection (Campus Solutions)
  • Blackboard
  • Device Management Portal
  • Microsoft 365, including email, Office 365 apps, Teams, OneDrive, etc
  • GlobalProtect VPN
  • HRMS HCM Employee Self-Service
  • LiquidFiles Secure File and Message System
  • DocuSign

What happens if I get an unexpected Duo prompt?

  • Receiving unexpected Duo push notifications or calls may indicate someone else is trying to gain access to your account. If you are not actively trying to log in to a system that requires Duo authentication, DO NOT APPROVE the request, choose DENY, and mark it as fraud.
  • Marking an authentication request as fraud will send a notification to UIT Cybersecurity, and lock your Duo account for 20 minutes. If you suspect someone is trying to gain access to your account, change your NDUS password immediately by calling 701.777.2222, or wait 20 minutes for your Duo account to unlock, then visit helpdesk.ndus.edu and select Change my password.
Info! If you've forgotten, and cannot reset your password with your recovery email, the UIT Service Center can reset your account password for you. Simply call us at 701.777.2222 any time, or start a live chat during normal business hours.
Was this helpful?
0 reviews
Print Article

Related Articles (8)

Steps to add, remove, or rename Duo authentication devices after initial enrollment.
With Duo Mobile, users that don't have a phone Wi-Fi connection or cell service can still authenticate a duo prompt.
Steps to enroll in Duo two-factor authentication. Users must be enrolled in Duo to log in to many UND services/systems, like email, BlackBoard, and Campus Connection.
General information about authenticating with Duo
A hardware token is a small key fob-like device with an internal passcode generator that can be associated with a two-factor (DUO) account. With the press of a button, it will generate and display a single-use passcode to complete the second step of a login.
Steps to reactivate Duo Mobile for an existing smartphone or tablet.
Duo Mobile is an app for smartphones and tablets that receives easy-to-use push notifications and generates passcodes for Duo-protected logins. It can generate passcodes without cellular or Wi-Fi service, making it useful when traveling.
A complete guide to getting all your accounts and tech ready for your first semester at UND.

Related Services / Offerings (1)

Report an issue with Multi-Factor Authentication (DUO MFA), request help setting up the DUO app on your smartphone, changing the authentication phone number or other authentication methods or get assistance with hardware authentication tokens.

Attachments (0)

No attachments found.