MFA-Duo - What if I don't have a Smartphone?

MFA-Duo can be used with a smartphone, tablet, token/fob, or USB security key.
If you don't have access to or don't want to use your mobile device, you can use one of the devices listed below for MFA authentication.

Note: This document is only for setup if you're planning to use a token instead of a smartphone/tablet with MFA Duo. If you're planning to use a smartphone/tablet, see MFA-Duo - First Time Setup for Smartphone or Tablet.

Token/Fob

Note: You will need to obtain a token before you can register it. For information on how to obtain a token, see MFA-Duo - What is a token/fob?. It is very important that you not press the token button repeatedly prior to registering your token. This may cause the token to become out of sync and you will not be able to register it.

  1. Go to https://go.wisc.edu/token.

  2. Log in with your NetID and password.

  • Note: If you've already registered a device and are using MFA Duo, you'll be prompted to login with your NetID twice, then be prompted for MFA Duo.

  • Select the type of token that you have.

    MFA Portal token/fob section with two options: register or resynchronize a device

  • Enter the Token Serial Number in the appropriate field. The Token Serial Number may be entered with spaces/dashes or with numbers only; the format does not matter.

  • Making sure that the token's button is oriented to the left, press the button on the front of the token and enter the 6-digit passcode.

  • Click Register Duo Token/Fob.

  • The token will now be registered with your account.

  • Please note, if the token is the first MFA device you have registered, you'll will start being prompted for MFA.

Please note that one of the token images resembles a Yubikey token. While they may work, no support will be provided by the UW-Madison MFA project for Yubikey tokens.

See accessibility & usability information

We work with our users to address access and usability barriers in the MFA user experience. Learn details about known access barriers and workarounds at MFA-Duo - Accessibility & Usability Information. If you encounter a barrier or need assistance, please contact the DoIT Help Desk or call (608) 264-4357.

For questions regarding how to get access to the MFA mobile app contact the DoIT Help Desk at (608) 264-4357 or email help@doit.wisc.edu.

How to get access to a Security Key or Duo Token/Fob 

Students

Students, to obtain a token/fob, please contact the DoIT Help Desk (608) 264-4357 or email help@doit.wisc.edu. Students with disabilities can also request a token or security key at the McBurney Disability Resource Center, 702 W. Johnson St., Suite #2104, Madison WI 53715 on the 2nd floor.

Faculty, Staff, and Researchers

Employees can get access to devices for MFA at their Human Resources Office or IT department. For questions contact the DoIT Help Desk at (608) 264-4357 or email help@doit.wisc.edu. 

USB Security Key

Note: You will need the serial number of the device to complete registration. The serial number can be read from the back of the device or from a sticker placed on the packaging.

There are two stages of registering these devices. The first stage registers the device to be used as a hardware token and the second stage registers it to be used as a WebAuthn Authenticator.

  1. Navigate to go.wisc.edu/token.

  2. Login with your NetID and password.

    • Note: If you've already registered a device and are using MFA Duo, you'll be prompted to login with your NetID twice, then be prompted for MFA Duo.

  3. Select "USB Security Key" from the list of device types.

    selection of three devices: duo, otp c100, and USB Security Key

  4. You will be directed to Part 1 of the USB Security Key registration process.

    Follow the prompt to enter the USB Security Key Serial Number into the first input field. The serial number can be found on the back of your USB Security Key package.

    Part 1 of the registration process, with fields to enter in a securitiy key serial number and passcode, described in steps 4 through 7

  5. Plug the USB Security Key into a USB port or adapter.

  6. Click inside the second text field under Step 3: Get a passcode from the USB Security Key then press the button on your device. The six-digit passcode should be entered automatically.

  7. Click Next.

  8. Your device has now been successfully registered as a hardware token! 

The second stage of the process registers your device as a WebAuthn Authenticator.

registration - second stage

  1. Click the blue Duo Device Management Portal button. You will be asked to login with your NetID and password and authenticate with Duo once more.

  2. In the new tab that just opened, select the panel called Add a device.

    add new device

  3. Select Security key from the 'Select an option' window.

    security key

  4. Click Continue to bring up a popup window for enrolling your security key. The key will need to be plugged into a USB port on your computer.

    click continue

  5. Follow the prompts depending on your operating system and browser, then tap the button on your device to complete enrollment.

    success

  6. You should now see both a Security key or Passkey in your Device Management Portal as well as a Hardware Token. These both represent your singular physical device registered as a Hardware token that can enter passcodes, as well as a WebAuthn Authenticator.

    security key and hardware token

 

See accessibility & usability information

We work with our users to address access and usability barriers in the MFA user experience. Learn details about known access barriers and workarounds at MFA-Duo - Accessibility & Usability Information. If you encounter a barrier or need assistance, please contact the DoIT Help Desk or call (608) 264-4357.

For questions regarding how to get access to the MFA mobile app contact the DoIT Help Desk at (608) 264-4357 or email help@doit.wisc.edu.

How to get access to a Security Key or Duo Token/Fob 

Students

Students, to obtain a token/fob, please contact the DoIT Help Desk (608) 264-4357 or email help@doit.wisc.edu. Students with disabilities can also request a token or security key at the McBurney Disability Resource Center, 702 W. Johnson St., Suite #2104, Madison WI 53715 on the 2nd floor.

Faculty, Staff, and Researchers

Employees can get access to devices for MFA at their Human Resources Office or IT department. For questions contact the DoIT Help Desk at (608) 264-4357 or email help@doit.wisc.edu. 

See accessibility & usability information

We work with our users to address access and usability barriers in the MFA user experience. Learn details about known access barriers and workarounds at MFA-Duo - Accessibility & Usability Information. If you encounter a barrier or need assistance, please contact the DoIT Help Desk or call (608) 264-4357.

For questions regarding how to get access to the MFA mobile app contact the DoIT Help Desk at (608) 264-4357 or email help@doit.wisc.edu.

How to get access to a Security Key or Duo Token/Fob 

Students

Students, to obtain a token/fob, please contact the DoIT Help Desk (608) 264-4357 or email help@doit.wisc.edu. Students with disabilities can also request a token or security key at the McBurney Disability Resource Center, 702 W. Johnson St., Suite #2104, Madison WI 53715 on the 2nd floor.

Faculty, Staff, and Researchers

Employees can get access to devices for MFA at their Human Resources Office or IT department. For questions contact the DoIT Help Desk at (608) 264-4357 or email help@doit.wisc.edu. 

30876 30887

Keywords:
phone tablet token fob do not want don't can't use prohibited choose choice personal device private alternative smart my own 
Doc ID:
87582
Owned by:
MST Support in Identity and Access Management
Created:
2018-11-06
Updated:
2024-01-08
Sites:
DoIT Help Desk, Identity and Access Management