New Verified Duo Push
Beginning May 14, App State will implement enhanced security measures for our Duo Two-Factor Authentication Mobile Push system.
Why the change?
Cybercriminals are more aggressive than ever. Each day, our IT team fends off thousands of unauthorized attempts to access sensitive data. A new strategy of using push harassment, which is the act of sending successive push notifications to annoy you enough to accept a push for a fraudulent login, makes people more vulnerable to payroll and identity theft.
The new verification code system will ensure only verified users can log in and reduce the chances of unauthorized access by accepting a push they did not request.
What’s changing?
A numeric code will replace the process of tapping the “Approve” button (the green checkmark) in the Duo Mobile app.
Similar to security features in many other mobile applications, you will be prompted with a verification code when using Duo Mobile Push and will enter that code and select “Verify” on your mobile device.
What do I need to do?
Register for Duo Verified Push immediately if you are currently using a different verification method. If you already use Duo Mobile Push, you will automatically be prompted to use Duo Verified Push in early May 2024.
Duo Mobile App passcodes are being turned off. Other options remain (Touch ID, security key/fob/token, phone calls and SMS passcodes), but ITS highly recommends Verified Push on your mobile device as one of the easiest, fastest and most secure methods.
Questions?
Visit the IT self-help Knowledge Base for articles on Duo - 2 Factor Authentication.
For general questions about Duo, submit a Duo Support ticket or contact the IT Help Desk at 828-262-6266.
If you receive unexpected Duo Push login requests, you can report fraud using the “I’m not logging in” button in Duo Mobile. For security concerns or related questions, contact the Office of Information Security at security@appstate.edu, or visit at security.appstate.edu.