Multifactor Authentication - Duo

The college has a limited license for the Duo MFA (Multifactor Authentication) service.  We are using this license to protect the most sensitive/critical accounts.  We expect to expand our pilot group to include all faculty and staff who have critical system access in early 2019.  For more information, contact InformationSecurity@newpaltz.edu.

Features and Benefits:

  • Duo protects access to sensitive systems in that it requires something you know (your existing password) and something you have (a cell phone with the Duo app installed, or a keyfob that displays a rotating access code).  This means that even if the password for a user was compromised, the scope of such a compromise for a Duo protected account is limited.
  • If you use your personal smartphone, you can use the Duo Mobile app (on Android or iPhone).  After entering your username or password, you're prompted to respond by approving the login on your app.  For more info see: https://duo.com/product/trusted-users/two-factor-authentication/duo-mobile
  • If you use one of the Duo hardware tokens, you just have to push the button on the token to have it display a six digit number (which changes every minute), which you will use to login along with your password.

Authorized Users:

  • Faculty and Staff with access to sensitive systems
  • This is limited right now to a small pilot group of under 100 users, and Information Technology Services staff

Request Process:

  • Initially IT will be contacting departments for the pilot group.  If your department has needs in this area, feel free to reach out to Paul Chauvet for more information.

User Responsibilities:

  • Users are required to report loss or theft of their Duo devices (both personal smartphones, as well as the keyfob devices) to ITS as soon as such loss or theft is discovered.
  • If you are replacing a phone, or doing a factory reset of a phone with the Duo Mobile app installed, you should coordinate this with ITS in advance as your new device will need to be reactivated.
  • The Duo keyfob devices should not be shared with any other staff members without prior authorization of the Chief Information Officer, or the Information Security Officer.

Requirements and Prerequisites:

  • None

Hours of Availability:

  • Duo services are available 24/7/365
  • Activation of new users or devices can only be done during normal business hours.

Customer costs:

  • Costs for the keyfob devices after 2018 are still to be determined.

Support:

  • Use the "Request Assistance" button on this page.
  • Send an email to servicedesk@newpaltz.edu
  • Walk-in to the Service Desk in Humanities 103 or call 845-257-HELP (4357).