The upgrade that will give Duo multifactor authentication a new look has been rescheduled and a new date will be announced soon. Check status.gsu.edu for information and help related to a reported login/SSO application access issue.
While the interface of this login verification tool will look a little different in the browser, Duo will continue to function in the same way. The upgrade will also provide some new usability and security features that the university will be able to take advantage of moving forward. New features, for example, include more visible inline instructions for setting up, managing, and remembering devices.
Duo multifactor authentication is used for Office 365 email, student Panthermail, and all applications that use single sign-on. The upgrade will happen simultaneously across these applications.
If users have selected to have Duo remember them for 30 days in a browser, they will need to re-verify with Duo in that browser the next time they log in with CampusID after the upgrade. Re-verification with Duo will only be required when login occurs. For example, applications that save login such as the Outlook and Teams desktop clients will not be affected until signin is required again. The new version of Duo is hosted and will always appear as a second step after login with a URL containing duosecurity.com/.
Defaults to Previously Set-Up Method
When you log in for the first time after the upgrade in a browser or device, you will be automatically prompted to verify login using a method you have already set up, for example application push, phone call or Yubikey.
Note: For first-time login after the upgrade, verification method will be presented in order of security.
Order of Security:
Duo considers security keys (Yubikeys) to be the most secure authentication method. So if you have set up a Yubikey, you'll automatically see the prompt to use it the first time you log into that application after the Duo upgrade.
The Duo method considered next secure is using Duo Mobile to approve a Push notification, which is also the most common and recommended method. If you have a phone or tablet with Duo Mobile activated, Duo will automatically send a Push notification the first time you log into that application after the upgrade. Simply press Approve.
If you haven't set up Duo Mobile, then Duo will automatically select the next available option such as Phone Call.
If you use a legacy Duo Token, you would enter the code generated by the token using the Passcode option.
Generating a temporary Bypass Code online is also an available option.
New users will be prompted to set up.
Click Other Options for More
Just click Other options to change the method to use to login. Note: Once you complete Duo verification using this option, future logins from the same device and browser will begin to automatically default to this same method.
Remembering a Device
Users are encouraged to click Yes, this is my device for Duo to remember their individual devices and browsers when not shared with others.
In the future, a new feature that will be available as a result of the upgrade, verified push. The verified push feature will not be widely enabled with the upgrade. The ability to secure certain accounts or applications using a Duo push that requires 6-digit code will happen in a second phase and we will send out information related to this feature at that time.