Carnegie Mellon University

Multi-Factor Authentication

You might not realize it, but you regularly use multifactor authentication, also known as two-factor authentication (2fa). When you swipe your debit card and are asked to enter your PIN code is a form of two-factor authentication? You must possess your card AND know your PIN code.

How Does Two-Factor Authentication Work?

Two-Factor authentication (2fa) , is widely used to add a layer of security to your online accounts. The most common form of 2fa when logging into an account is the process of entering your password and then receiving a code via text on your smart device that you need to either enter on to your account or a push notification if you're using a 2fa app on a smart device. 

The second layer in 2fa means a bad actor would need to steal your password along with your smart device in order to compromise your account.

The three types of authentication:

  • Something you know: password, PIN, security question

  • Something you have: phone, credit card, fob device

  • Something you are: biometric fingerprint, retina, face, or voice

Carnegie Mellon University offers a free two-factor authentication solution through DUO Security. CMU uses DUO Security to support 2fa for services using Single Sign-On through Web Login (including Box, LinkedIn Learning, Workday, SIO/S3, Sparcs, GSuite, Canvas, Taleo). CMU also uses DUO Security for 2fa with some services that don't require Web Login (including VPN, Citrix, and Campus Cloud).

Faculty, staff, students, and alumni are required to use 2fa with their Andrew account. 

To register your device for DUO 2fafollow the steps on the Computing Services 2fa Registration Page.     

Visit DUO's list of supported applications for additional integration options or contact the Help Center for additional 2fasupport.