Multi-Factor Authentication (MFA) is a second login step after NetID login. This extra step helps to protect both your online identity and UW–Madison digital assets. MFA is continuously evaluated for usability and accessibility. Below are the accessibility and usability known barriers, functional workarounds, and how to get help. To view a listing of all MFA devices and features see MFA-Duo Device Options.  

How do I get help? 

For assistance, questions, or accessibility feedback, contact the DoIT Help Desk at (608) 264-4357 or email help@doit.wisc.edu. For more information regarding Duo Security product accessibility see Duo Security vendor accessibility information. 

Accessibility and usability barriers: Web and mobile applications for Duo’s Verified Push

When a user needs to cancel a push to log in via another option, such as a token, the first thing announced to a screen reader user in the Duo app is "Login canceled". This can be confusing and not immediately apparent that a user does have options other than the device they originally used for log in.

Navigating the “Check for a Duo Push” and “Is this your device?” modals with a screen reader can be confusing. Users don't hear the important information in the modal announced until they use the arrow keys or tabbing to navigate. It would be ideal for the user's focus to immediately enter the modal at the top of the dialog.

In the “Use your security key” modal, a user needs to select Continue before pressing the security key. This step slows down the login process and decreases usability, particularly for those using assistive technologies.

Users are allotted 60 seconds to read a Verified Push 3-digit code on their phone and then enter it in the modal on their desktop, however they are not notified of the amount of time they have to enter the code, nor are they offered the option of adjusting or extending the time limit. This impacts everyone, particularly those who require the use of assistive technology.

• IAM has shared this product feedback with Duo.

Accessibility and usability barriers: Web application for new Duo Universal Prompt

Add a device modal

While navigating with a screen reader and keyboard, the tab order does not follow the logical and sequential order of the page.   The screen reader does correctly announce the Country code form field title before the form field itself. However, the screen reader incorrectly places focus on the form field for phone number before announcing the form field title.

Cross site

• Language unspecified: When the language of a web page or app is identified, users with disabilities will be better able to understand the content.

• Heading level missing content: Heading level 1 content is missing on most pages; however, a small focus indicator appears where the hidden content is positioned. This could cause confusion for some users.

Home page

The section of the app that shows a user’s current device is mislabeled as an “article.” Landmarks, such as this, must programmatically and accurately identify sections of a page and be announced through a screen reader to help orient users to a page and help them navigate it easily.

Accessibility and usability barriers: Token/Fobs are less usable

More accessible options: 

Feitian USB Security Key (Desktop/Laptop users) 

For people who have difficulty using a token/fob, UW–Madison offers a device called a Feitian USB security key. This allows users to authenticate by inserting the security key into the USB port of their computer or laptop.

Duo Security Mobile App (smartphone/tablet users)

The Duo mobile app allows users to login to MFA using a randomly generated security code, or approve login via a push notification. 

How to get access to a Security Key or Duo Token/Fob 

Students

Faculty, Staff, and Researchers

Employees can get access to devices for MFA at their Human Resources Office. For questions contact the DoIT Help Desk at (608) 264-4357 or email help@doit.wisc.edu.