2FA - FAQ's
2FA - FAQ's
Two-Factor Authentication FAQ
Instead of using just a username and password when logging into a website, two-factor authentication adds an additional layer of security.
Here are some of the most common concerns when logging into a website using just a username and password:
- Many users choose weak usernames and passwords which can be easily guessed or cracked
- Phishing attacks successfully trick people into revealing their usernames and passwords
- Viruses/malware can capture usernames and passwords and send them over the network where they can be collected
- Users on unsecured networks, for example, at the mall or coffee shop can have their login credentials sniffed (revealed)
The main disadvantage of the username/password (login method) is that this combination is only a single piece of information that a malicious individual needs to obtain in order to compromise your account(s).
Two-factor authentication adds an extra layer of security to your login practice by requiring you to have in your possession something physical and unique to you. This physical object can either be your cell phone, your office phone, or even a tablet.
NJCU has partnered with Duo Security to provide the infrastructure for two-factor authentication. For more information on two-factor authentication as provided by Duo Security, visit http://guide.duosecurity.com
- Push Notifications: Verify your identity by approving a push notification from an authentication mobile app on your smartphone or wearable.
- Phone Callbacks: This method calls your phone and waits for you to pick up and press any key to authenticate before granting you access to your account.
- Time-based One-Time Passcodes(TOTP): Similar to SMS, a two-factor authentication app can generate new, unique passcodes for you to type into the two-factor prompt. These are known as time-based one-time passcodes (TOTP).
Click your device platform to learn more:
- When you are doing your initial setup, you may add multiple devices by clicking "Enroll another device" during the process. After that, you can either contact us at njcu2FA@njcu.edu to add a new device or log in to the DUO self-service to Manage your devices for DUO.
- We encourage you to contact us with questions or concerns about using the DUO. Please send an e-mail with detailed information at njcu2FA@njcu.edu.
- If you don't have a cell phone, the Duo system allows you to use your landline phone. You would receive an automated phone call that requires you to simply press any button in order to confirm your identity.
- If you get a notification from Duo that you did not request, that means someone else is trying to log in to the system using your account. Use the "Deny" option, and access to your account will be denied. University IT Security will be notified automatically when you select "Deny." If you ever receive a Duo phone call when you are not trying to log in, Do not press any Key and hang up the call to deny access.
- The Duo smartphone app provides options that work without a data plan, a texting plan or even an internet connection, if necessary. The app can generate the required code without the need of either a telephone signal or data plan, and it can do so anywhere in the world. If you have a signal and data plan, the app makes two-factor authentication as easy as a pushing a single button, but if you don?t, you can use the app to generate a six digit code and enter that instead.
- Like a compromised password, a lost device is a security risk. Contact the IT Help Desk via njcu2FA@njcu.edu or at 201-200-4357 immediately if you lose your phone or suspect it has been stolen. We will disable your phone from being able to authenticate with Duo and help you log in using another device.
- We encourage users to set up multiple authentication methods with Duo so that when one method is unavailable, you have others from which to choose. For example, you could set up your smartphone for "push" and also your office phone and home phone to do a callback.
To login with an alternate device (that has been previously configured and set up in Duo) other than what you set as the default, you will need to append information to your password when you log in.
- Step 1: On the GothicNet Login Page, Enter your GothicNet ID.
- Step 2: In the password field, type in your password immediately followed by a comma and the authentication method and/or device you want to use.
APPEND TO PASSWORD | TO |
---|---|
password,passcode |
Log in using a passcode, either generated with Duo Mobile, sent via SMS or provided by an administrator. |
password,push |
Push a login request to your phone (if you have Duo Mobile installed and activated on your iOS, Android, or Windows Phone device). Just review the request and tap "Approve" to log in. |
password,phone |
Authenticate via phone callback. |
password,sms |
Get a new SMS passcode. |
- You can also add a number to the end of the appended text if you have enrolled more than one device, such as multiple phones.For example, if you add “ ,phone2 “ immediately following your password, the system will call your second (2nd) phone.
- Examples:
- To request a text message on your default mobile phone, type: your_password,sms
- To request a push notification on your backup tablet, type: your_password,push2
- To request a phone call on your second phone, type: your_password,phone2
- Examples:
- Step 3: Click Sign In, and then follow the instructions to authenticate with your chosen method or device.
If you wish to reactivate the Duo app on a new mobile device, please follow the instructions below, as long as the phone number is the same.
- Go to https://2fa.njcu.edu/login.aspx.
- Log in with your GothicNet ID and password.
- Click Manage Devices on the Two-Factor Authentication Portal.
- When you are prompted to “Choose an authentication method,”
- Authenticate with your backup device and then skip to step 6, or
- If you only set up a mobile phone initially, continue with the following instructions:
- Then, in the bottom right hand corner of the page, click Text me new codes. Your new phone should receive a text message with a 7-digit passcode. Enter your passcode in the box next to Log In. You have now authenticated your sign on.
- On the My Settings and Device page, click on Device Options for your mobile phone.
- Click Reactivate Duo Mobile.
- Select the type of mobile phone you are adding, and click Continue.
- For iPhone, Android, and Windows phones, you will be prompted to install the app Duo Mobile. The portal will provide instructions on how to get and install the appropriate app for the mobile device selected. Department of Information Technology recommends using the Duo Mobile app to simplify the 2FA process. Proceed to step 7 once you have installed the app on your phone.
Note: Android users may see a “Google Duo” app when searching for Duo Mobile on Google Play Store. The correct application to install is the DUO Mobile version developed by Duo Security LLC.
- If you choose “Other (and cell phones)”, you are finished with the process after your click Continue. You do not need to continue to the next step.
- Click I have Duo Mobile installed.
- Next, you will activate Duo Mobile for your phone. You can do this two ways. You can scan the on-screen QR code (point the camera on your phone at your screen) or have an activation link emailed to you. Click Continue once you complete either activation option.
- The process is complete, and you have successfully added a new mobile phone.