MFA-Duo - What is Duo Multi-factor Authentication?
What is Multi-factor Authentication (MFA)?
Multi-factor authentication (MFA) strengthens access security by requiring multiple methods (also referred to as factors) to verify your identity. These factors can include something you know - like a username and password, plus something you have - like a smartphone app to approve authentication requests.
MFA protects against phishing, social engineering and password brute-force attacks and secures your logins from attackers exploiting weak or stolen credentials.
Why is UW-Madison adopting Multi-factor Authentication (MFA)?
Multi-factor authentication (MFA) is one of the best ways to protect against remote attacks such as phishing, credential exploitation and other attempts to takeover your accounts. Without your physical device, remote attackers cant pretend to be you in order to gain unauthorized access to corporate networks, cloud storage, financial information, etc. stored in applications.
MFA helps to reduce the risk of devastating and costly breaches. Recent breaches resulting from compromised credentials include government agencies like the Federal Office of Personnel Management and higher education institutions like the University of Maryland, where a cleanup effort cost over $6.2M in credit monitoring alone. University of Central Florida also suffered a loss of 60,000 identities. MFA also reduces UW-Madisons risk exposure. MFA increases credential security across IT systems that use a username and password, including NetID. MFA will prevent us from having the same risk exposure as companies that were breached. Additionally, UW System Administrative Policies 1030 and 1031 mandate that we implement a multi-factor authentication system.
Why did UW-Madison select Duo for Multi-factor Authentication (MFA)?
An RFP was concluded in 2017, with industry-standard Duo Security being selected. Other higher-education institutions Duo serves include Harvard, Michigan, Villanova, Syracuse, University of South Florida and more. Duo has worked well for these institutions.
Additional Resources:
- Duo Security's website
- Duo Multi-factor Authentication Project feedback form
See accessibility & usability information
We work with our users to address access and usability barriers in the MFA user experience. Learn details about known access barriers and workarounds at MFA-Duo - Accessibility & Usability Information. If you encounter a barrier or need assistance, please contact the DoIT Help Desk or call (608) 264-4357.
For questions regarding how to get access to the MFA mobile app contact the DoIT Help Desk at (608) 264-4357 or email help@doit.wisc.edu.
How to get access to a Security Key or Duo Token/Fob
Students
Students, to obtain a token/fob, please contact the DoIT Help Desk (608) 264-4357 or email help@doit.wisc.edu. Students with disabilities can also request a token or security key at the McBurney Disability Resource Center, 702 W. Johnson St., Suite #2104, Madison WI 53715 on the 2nd floor.
Faculty, Staff, and Researchers
Employees can get access to devices for MFA at their Human Resources Office or IT department. For questions contact the DoIT Help Desk at (608) 264-4357 or email help@doit.wisc.edu.