Multi-factor authentication is widely regarded as one of the best solutions to prevent the theft and misuse of information from individuals and institutions. WashU uses the Duo application to make it quick and easy for users to protect themselves using multi-factor authentication.

What is Duo? 

Duo is a form of multifactor authentication that uses a mobile device or phone to verify that the person logging into your account is actually you. Duo adds a second layer of defense against unauthorized logins to your WUSTL account and email. 

Why is Washington University using Duo? 

Duo protects access to your WUSTL accounts and email, even if your password is guessed or stolen. Universities are prime targets for Internet thieves attempting to gain quick access to personal information and use compromised accounts to attack other businesses and institutions. Many other businesses and universities employ 2FA to enhance security and decrease instances of phishing attacks.

Do I need to use Duo? 

Anyone who accesses any Washington University system online, including faculty, staff, students, alumni and volunteers, will need to enroll in Duo to log in. 

You will be asked to verify your identity through Duo once every two weeks, or whenever you clear your web browser history. 

By enrolling in 2FA, you are taking an important additional step toward securing your online identity and personal information. You are also helping to protect Washington University’s institutional data.​

If you do not wish to install the Duo app, you can set up 2FA by entering a phone number. You will receive a phone call when you attempt to log in; press any key to authorize your login. ​

What if I already use Duo for another purpose? 

The Duo app lets you register multiple profiles. Open the Duo app and click the + at the top of the page to add Washington University as a new account. 

If you do not use the Duo app, follow the instructions to enroll your phone number without downloading the app below. 

Do I have to give Duo Mobile access to my camera if I download the app onto my device? 

The Duo app uses the device’s camera to take a photo of a QR code in order to quickly personalize your access for security purposes. You can deny this permission, but without this access you will have to type a long, alphanumeric “2FA secret” key to get your account working. 

This a​rticle​ describes how to turn off permissions you may have granted the Duo Mobile application.

Directions for enrolling in WashU 2FA
  1. Decide which device(s) you will use for authentication: mobile phone, tablet, or landline
    Visit https://connect.wustl.edu/2fa/.
  2. Login with your WUSTL Key and WUSTL Key Password.
  3. Click “Manage Enrollment.”
  4. Click “Start Setup.”
  5. Select the device type you would like to use. Then, click “Continue.”
    a. Select mobile phone if registering a mobile phone, even if you do not plan to download the Duo app. 
    b. Select landline if registering a landline phone.
  6. Continue for Mobile Devices with Duo Mobile app​. 
  7. Enter the phone number associated with the chosen device. Then, click “Continue.”
    a. If you are setting up a tablet you will follow the instructions on the screen rather than adding a phone number. 
  8. Choose the brand of your device. Then, click “Continue.” 
  9. Search your app store for the free “Duo Mobile” app and install it on your phone. Open the app and allow push notifications if prompted.
  10. Follow the instructions on the next screen. 
  11. Open the Duo Mobile app.
  12. Tap the “+” button in the upper right, and allow access to camera if prompted. 
  13. Point your phone’s camera at the barcode on the computer screen. Hold it steady. 
  14. Then, click “Continue” in your web browser. 
  15. Choose the settings you prefer including your default device (you may have more than one device enrolled) and the method for receiving your authentication (phone call or push notification). 
  16. If you do not wish to choose a default device (“automatically send me a:”), then you will be asked how you wish you authenticate each time you login. 
  17. If you select a default, the system will use that method without asking. 
  18. You are enrolled in 2FA. 
How to register your phone number without installing the app
  1. Enter the telephone number including the area code. Check the box to verify the number (ex: 314-933-3333 is the correct number). Then, scroll down and click continue.
  2. If you are setting up a cell phone and do not wish to download the Duo app, select Other (and cell phones) as the device type. This will allow you to register without using the app. 
  3. Choose the settings you prefer including your default device (you may have more than one device registered for 2FA) and the method for receiving your authentication. You are enrolled in 2FA. 
  4. If you do not wish to choose a default device (“automatically send me a:”), then you will be asked how you wish you authenticate each time you login. If you select a default, the system will use that method without asking.