Using The Duo Mobile Application

Introduction 

The University of Wyoming utilizes the Duo Universal Prompt for our Two-Factor Authentication. To learn more about Duo Verified Push System, please navigate to the Official Duo Webpage, HERE

 

For more information on our Two-Factor Authentication System, please go to our provided FAQ 

 

Jump to Section

1. What are the Benefits? 

2. Using Duo Verified Push 

 

What are the Benefits Using Duo Verified Push?

The UW community (Faculty/Staff and Students) are receiving additional protection with the implementation of Duo Verified Push

  •  Enhances security by requiring you to enter a specified code in your Duo Mobile app on your mobile device during the log-in process​​​​​​

Bad Actors (A.K.A Hackers) are now successfully targeting Duo two-factor authentication

  • Previous Tactics: attackers would use phishing emails or spyware to obtain your username and password but be unable to access UW resources when they were asked to complete two-factor authentication

  • Updated Tactics: Now, once an attacker has obtained your username and password through phishing, they will try to login and initiate the Duo verified push process.

    • Attackers are also contacting their targets directly through SMS, trying to trick them into inputing Duo Codes into Duo Mobile to verify login.

These tactics are becoming more successful, potentially allowing attackers access to resources and data. 

 

Using Duo Verified Push to Access UW Resources

To see how Duo Verified Push works, you may try the interactive demo provided by the official Duo Website, HERE 

  • Once on Duo Website, select the "Next" button in the simulation to begin interactive demo

Continue to the steps below on how to use Duo Verified Push 

 

Step 1: Begin logging into a UW Resource through the Wyo Login page like normal

University of Wyoming login page with fields for username and password, a "Logon" button, and instructional text.

 

Step 2: This step requires both the device you are logging into and the device Duo Mobile is step up on 

  •  In the Web Browser: Duo will provide a Temporary 6-Digit Verification Code which is always randomized 

  • On Duo Device: The Duo Mobile app will simultaneously ask if you are logging in. Tap to open this prompt and it should direct you to the Duo Mobile app 

 Two-factor authentication process with Duo Mobile using a verification code on a computer, and a notification on a smartphone.

 

Step 3: This step requires both the device you are logging into and the device Duo Mobile is step up on

  • On Mobile Device: In the Duo Mobile app, enter the verification code provided on the device you are trying to gain access on, then select the "Verify" button 

Duo Mobile verification process on a computer and smartphone. Verifying code once inputted into Duo Mobile app.

IMPORTANT! If you are NOT currently trying to login and receive this prompt in Duo Mobile, then click “I’m not logging in” which will deny access to a potential hacker and allow you to report a suspicious login

  • It is important to report this to the UWIT Help Desk as it means that your password has been compromised

 

Step 4: After verifying the code, on the device you are trying to log-on to, it will ask if you Trust this browser? 

  • Using a Public/Shared Device: select the "No, do not trust browser" option 

    • This will prevent others from taking over your session after you leave the device 

  • Using Personal Device: select the "Yes, trust browser" option 

    • This will cache your log-in for up to 10 days, meaning you will not be prompted for Duo 
       Pop-up dialog asking to trust the browser with options to confirm or decline.

 

Step 5: Once the code has been verified and you have selected if you trust the browser or not, you should be presented with a "Success!" page and it logs you in

Login Success screen through computer and Duo Mobile application informing user there log-in was successful.

Was this helpful?
0 reviews
Print Article