Multi-Factor Authentication Added protection for a more secure you Presenter: Jeff Penn Multi-factor Authentication (MFA) Objective What is Multi-Factor Authentication Why we need Multi-Factor Authentication How to register and configure your devices Multi-factor Authentication (MFA) What is Multi-Factor Authentication?? Multi-factor authentication, also referred to as advanced or twofactor authentication, provides an additional layer of security when logging in or performing transactions online. When logging in, a user is required to enter a password and also authenticate using a second factor, typically a phone or hardware token. Multi-factor Authentication (MFA) Multi-factor Authentication (MFA) Mr. MFA Multi-factor Authentication (MFA) Multi-factor Authentication (MFA) Mr. MFA Multi-factor Authentication (MFA) Why do we need it? • Prevent unauthorized users from logging into your account • Protect your identity • Protect your data • Protect your money! Multi-factor Authentication (MFA) Ways of MFA Authentication • Call your phone (desk or cell) • Send text message with pass codes to cell • Use the Duo Mobile app to create a pass code or send a notification to cell • YubiKey authentication Multi-factor Authentication Options Demonstrations How do I set this stuff up?!? 1) Registering/Activating MFA on your account 2) Setting up devices for MFA 3) Configuring and using your YubiKey 4) Choosing websites to use MFA MFA Options – Phone Call On the MFA homepage, select Add a basic cell phone or home/office phone Fill out the form and click Continue • Click on the multi-factor authentication home page link to return home MFA Options – Phone Call • Call your phone (desk or cell) • Select the Call my phone work (or whatever you named it) – You will receive a call from ‘Toll Free Call’ “Welcome to Duo. If you are not expecting this call, please hangup. Otherwise, press any key on your phone to login.” • Press any key on the phone • Click Enter MFA Options – Text Message • Text your cell phone • Select the Send SMS pass codes to cell – You will receive a text from a random number with 10 passcodes • Type any of the 10 passcodes into the MFA screen MFA Options – Duo Mobile app • Download the Duo Mobile app from the App Store or Play Store (Smartphones only) MFA Options – Duo Mobile app On the MFA homepage, select Add a basic cell phone or home/office phone Fill out the form and click Continue • Click on the multi-factor authentication home page link to return home MFA Options – Duo Mobile app In Duo Mobile, click the Add Account button and then click Scan Barcode Scan the QR code at the bottom of the screen and the Duke University account will load on your phone. Click Continue on the webpage when complete. Click on the multi-factor authentication home page link to return home MFA Options – Duo Mobile app MFA Options – YubiKey On the MFA homepage, select Advanced options and then click Register a hardware token (YubiKey) Follow the steps on the OIT page to complete the YubiKey configuration process. MFA Options – YubiKey • Authenticate using a YubiKey • Place your cursor in the YubiKey field • Touch the gold circle on your YubiKey for it to auto-populate and log you in MFA Login Do I have to authenticate using these MFA methods every time?? No! When logging in, you have an option to “Remember this device for 12 hours” Multi-Factor Authentication Homepage Select the different websites you would like MFA to be used Create Temporary Passcodes See all the devices you have configured Add/remove devices More Information You can access all the information on Multi-factor Authentication by visiting the TSC website under the Security link http://it.fuqua.duke.edu You can learn more about Multi-Factor Authentication on OIT’s webpage. https://idms-mfa.oit.duke.edu/mfa/help Questions Any questions?