General Multi-Factor information and a list of protected services can be found here.
Frequently Asked Questions:
Is it safe to install the Duo Mobile app?
The Duo Mobile app is a secure app designed to protect your privacy.
Your protected data and your passwords are never transmitted to the Duo two-factor system; only your username is transmitted to facilitate the two-factor authentication process.
Duo Mobile has no more access or visibility into your phone than any other app. Duo Mobile cannot:
- read your emails
- read your texts
- track your location
- see your browser history
- see your pictures
- remotely wipe your phone
Duo Mobile may ask to use your camera upon initial setup to facilitate the QR scan – alternatively, you can have an activation link emailed during setup.
More information can be found here: https://help.duo.com/s/article/4683
What if I forget my phone at home?
If you forget your phone at home you can still gain access to Whitman services that require a second factor.
The WCTS Help Desk can issue you a temporary bypass code that can be used in place of using your phone to verify your login. These codes are generally time-limited, but we can work with you to make sure you're good for the workday.
The Help Desk staff will need to verify your identity before they can issue you a temporary code.
What if I want 'backup' codes?
You can self-generate a list of pass codes for later use (when you may not have your phone).
- Instead of selecting "send me a push -- select "enter a passcode"
(you may have to hit cancel to select this)
- from that screen click "text me new codes"
- you will receive a set of 6 codes that can be stored in a secure location for later use -- these can be used in place of your phone, if necessary
What if I get a new phone?
You can 'add a new device' as a second factor at any time. This is useful if you replace your device -- either from a loss, or when you purchase a new phone.
If your previous device was configured for an iCloud or direct Google Play backup, the Duo app on your new phone may offer to restore your setup. If not, you simply need to add your new phone as an additional device.
To add your new device - start by connecting to a Whitman MFA service - for example: <https://my.whitman.edu> enter your Whitman username and password to login
- when prompted for the Duo 2nd factor select "Add new device" on the left
- this will ask you to verify you have control of the device - select Call Me**
- once verified, you will be walked through registering your new device -- similar to the initial setup when you were first enrolled with Duo.
** if your new phone has a different phone number, you will need to contact WCTS to start a fresh Duo enrollment - or have access to an existing passcode see previous tip above.
more information can be found here: https://guide.duo.com/add-device
I don't want to use my phone; or
My phone is not compatible with the app.
The Duo Mobile app is the preferred mechanism for verifying logins – as it is the most secure and the most convenient.
However, if you choose to not – or cannot – use your smartphone for this verification step – we will provide you a key fob that will generate a one-time-use passcode whenever the Duo multi-factor verification is presented.
The fob functions even when there is no wifi or cellular connection available.
Please contact the Information Security Office <email@example.com> to discuss getting a fob and for the documentation specific to using the fob for verification.