Have questions about 2-Factor Authentication (2FA)? Read the Frequently Asked Questions (FAQs) below.
Why is 2FA being implemented?
We are adding this security measure to help keep your personal information as safe as possible. Even if someone else knows your username and password, they will not be able to get into your account unless they also have the device that you use to authenticate.
Check out the article Why Do We Need 2-Factor Authentication? for more information.
How often will I need to authenticate?
Each authentication lasts for about 14 days if you select 'Yes this is my device'. That means that unless you’ve recently cleared your history or cache, you’re using a new Internet browser, or you’re using Incognito mode, you will only have to go through the process every 14 days per device.
Let’s say that 10 days later, you cleared your history. You would then need to authenticate again, and the 14-day period would restart.
How do I set up 2FA?
To see the step-by-step tutorial on how to set up Duo Mobile 2FA, visit our article How to Set Up 2-Factor Authentication with Duo Mobile.
What methods are available for me to authenticate with if I don’t have a mobile phone as my second authentication device?
Authentication Methods include:
- Touch ID, Face ID, Windows Hello Enterprise, and Android Biometrics authentication
- WebAuthn FIDO2 YubiKey
- Verified Duo push
- YubiKey passcodes
- Duo Mobile generated passcodes
- Hardware Token passcode
Note: SMS and phone call passcodes will no longer be available
If a phone was left at home or lost, a call to the help desk can give you a temporary bypass code for a few days until the phone is recovered. For users that need exceptions, we will have some alternate MFA options available such as a Yubi key or Duo Hardware token, depending on the situation. These users should work with their supervisor for approval.
If you do not have a smartphone, we strongly recommend using the push notification option to a device capable of downloading the Duo Mobile app. Not only is this option quicker, easier, and can be used offline, it also doesn't cost any money to the school for messaging and data rates.
Could I use a security key with DUO?
You can get an authentication token by contacting the I.T. Service Desk at (208) 496-1411 or through the Chat bubble. A token will cost a one-time fee of $30 but will supply passcodes on an as-needed basis for as long as 2FA is utilized at BYU-Idaho (in other words, for the foreseeable future). You can also purchase a security key. See our Security Keys and DUO tech guide for more information.
Will I need to authenticate from my classroom or office?
Yes. By request of the CES SOC, BYU-Idaho will be changing the security model for all on-campus devices. This new model will require Multi-Factor Authentication (MFA) for all resources that use SSO (Canvas, BYUI Portal, Workday, etc...). This new model will be similar to the experience of accessing BYU-Idaho SSO authenticated resources off campus. The use of Duo will be required.
What if I get an authentication notice when I’m not trying to log in to my account?
This means that someone is trying to get into your account. Deny the login request, and immediately change your BYU-Idaho password.
Contact Us
If you still need help, call us at (208) 496-9009 or start a Live Chat with us.
Hours of Operation: Mon - Fri 7:30 AM - 8:00 PM, Sat 10:00 AM - 4:00 PM Mountain Time
(excluding weekly devotional, forum hour and University Recognized holidays)