аIJʿª½±½á¹û

Multi-factor Authentication is an added layer of security when signing in to your аIJʿª½±½á¹û accounts that is increasingly vital to protecting you, your data, and аIJʿª½±½á¹û's data online.

Multi-factor authentication is required for all аIJʿª½±½á¹û students, faculty, and staff for both аIJʿª½±½á¹û network/SSO accounts and аIJʿª½±½á¹û email/Gmail accounts. Enrolling is easy, and provides you a significant new layer of security.

аIJʿª½±½á¹û Multi-factor Authentication

When signing in to аIJʿª½±½á¹û resources online, users have always been asked to provide a username and password. However, this single method of authentication creates a single point of failure — if a malicious party obtains a user's password through phishing, hacking, or brute force guessing, that account is compromised.

Multi-factor authentication adds an additional layer of security by verifying not only that the user knows a password, but that the user also has access to a registered device, like a personal smartphone.

Informational graphic showing that a password screen plus a notification on a separate device equals secure access
With multi-factor authentication, even if a malicious party obtains your password, they will be unable to access your account unless they also have physical access to your registered device.

How it Works

1. Enroll

Enroll in multi-factor authentication, registering one or more devices to serve as authenticators (at least two devices is recommended). How to enroll

2. Sign in Normally

When signing in to Ð°IJʿª½±½á¹û systems protected by multi-factor authentication, you will enter your username and password normally.

3. Verify Your Identity With Your Registered Device

The multi-factor authentication service will prompt you to verify your identity using a registered device. This may entail responding to a notification sent to that device, or entering a code found only on that device.

How to Enroll

You have two аIJʿª½±½á¹û accounts; enroll in multi-factor for both to protect yourself.

Although you may not realize it, you use two different accounts to access University resources. Each has its own multi-factor authentication option — to fully protect yourself, you should enroll in multi-factor authentication for both:

Your аIJʿª½±½á¹û network account grants you access to a wide array of services and platforms around the University. These include the аIJʿª½±½á¹û Portal, the University directory, the campus calendar, Tableau, and many more. Any time you log in using the аIJʿª½±½á¹û sign-in interface, you're using your аIJʿª½±½á¹û network account.

Your network account can be protected with Duo multi-factor authentication.

Your Google account grants you access to a wide platform of Google-based services, including your @colgate.edu Gmail account, Google Drive, Google Docs, Google Sites, and many more. Any time you sign in using the Google sign-in interface, you're using your Google account.

Your Google account can be protected with Google 2-Step Verification.

General MFA FAQs

Frequently asked questions about аIJʿª½±½á¹û's multi-factor authentication options, including Duo and Google 2-Step Verification.

Although you may not realize it, you use two different accounts to access University resources:

  • аIJʿª½±½á¹û Network Account: Your аIJʿª½±½á¹û network account grants you access to a wide array of services and platforms around the University. These include the аIJʿª½±½á¹û Portal, the University directory, the campus calendar, Tableau, and many more. Any time you log in using the аIJʿª½±½á¹û sign-in interface, you're using your аIJʿª½±½á¹û network account.

    аIJʿª½±½á¹û Network accounts can be protected by Duo.
     
  • Google Account: Your Google account grants you access to a wide platform of Google-based services, including your @colgate.edu Gmail account, Google Drive, Google Docs, Google Sites, and many more. Any time you sign in using the Google sign-in interface, you're using your Google account.

    Google provides a proprietary multi-factor authentication option called .

In order to protect both of these accounts, each of their respective multi-factor authentication systems must be activated.

 

Duo specifically protects your Ð°IJʿª½±½á¹û network account, whereas Google 2-Step Verification protects your аIJʿª½±½á¹û Google account.

In order to protect all of your аIJʿª½±½á¹û accounts and data, you must activate both of these multi-factor authentication systems.

If you lose a device that is enrolled in your Duo and/or Google accounts, please contact the ITS Service Desk so that they can ensure it has been safely removed from your account.

ITS strongly encourages that you enroll more than one device as an authentication option with both Duo and Google. By doing so, you ensure that you can access your accounts, even if one of your authentication devices becomes unavailable.

аIJʿª½±½á¹û recommends that users register a smartphone as their primary authenticating device.

However, both Duo and  provide multiple other options for devices that may be used as authenticators.

If you are not using a smartphone as your authenticating device, ITS encourages you to contact the ITS Service Desk to discuss the best alternatives to suit your needs.

Duo Multi-factor Authentication FAQs

 Google's 2-step verification has been required since the fall of 2021.

аIJʿª½±½á¹û's Google accounts are not part of the authentication system protected by Duo. However, users seeking the protection multi-factor authentication may .

For questions, or to request assistance, contact the ITS Service Desk.

This second factor of authentication is separate and independent from your username and password — Duo never sees your password.

Using Duo Push with the Duo app uses a very small amount of data — less than 2KB per notification; if you're connected to WiFi, it will not impact your data plan at all. Using Duo Passcode via the mobile app does not use any data.

When using the text message (SMS) option, your text message rates will apply, and the University will also incur a small cost per text message requested. For this reason, the University strongly encourages users to utilize the Duo Push or Passcode options via the mobile app.

For a full look at the implications of the various device options, see Add and Manage Duo Devices.

If you're travelling internationally,  Duo authentication can work without cellular service or a wifi connection.  

We always recommend in all circumstances, and particularly while travelling to use the Duo app on a Smartphone or Tablet.  When prompted at sign-in, choose the Enter a Passcode option.  To generate the passcode, open the Duo Mobile app on your phone and tap the "аIJʿª½±½á¹û" entry.  A passcode will be presented to you, even without wifi or cellular service.

Alternatives to the preferred option above include a Hardware token or obtaining a ByPass Code (can be used in extreme cases).  For more information, contact the ITS Service Desk

Refer to for more information on SIM cards, phone numbers, and changing phone.

It is best to review the options above prior to leaving the country.  Work with the ITS Service Desk to be best prepared for your travel.

 

Google 2- Step Verification FAQs

Yes, Google 2-Step Verification has been required since October 2021.

Google provides this page outlining the various .

Google recommends that users utilize the Google Authenticator app, listed on the page linked above.

The ITS Service Desk can assist should you forget your device. 

  • To check your status, begin by visiting 
  • Then Click "Security" on the left-side navigation panel
  • Scroll down to the section:  "Signing in to Google"  and confirm that 2-Step Verification is on.

 

 

Ask for Help

If you are unable to find the information you need in the documentation available online, the ITS Service Desk is available to assist.