Authenticating using Duo 2-Factor Authentication


Introduction

2-factor enrollment is required to log into many Virginia Tech Web-based systems. To use these Web sites and services that use the Login service, you are required to authenticate with a second factor.

 

Related Links

Instructions

Authenticating using your device 

Authenticating via LDAP

Since some Virginia Tech Web sites, such as parking.vt.edu for buying and purchasing a parking pass online, are unable to display the interactive Duo prompt, they require a different method of completing authentication with your second factor

On Virginia Tech Web sites that say something about logging on with 2-factor and LDAP, after submitting your VT Username and VT Username passphrase, you may automatically receive a Duo push notification or an automated Duo voice call. If so, complete authentication by responding to the notification or voice call.

When Web sites use this method of authenticating, if no device is specified after the password, Duo will always prefer the first push-enabled device over any other available device.

In the Password text box, type your VT Username passphrase followed by a comma (‘,’), and a keyword representing what you want to use, which is one of: push, phone, or passcode (the actual code). For example if your passphrase is “myPassword” and you want to authenticate with a Duo automated voice call, in the Password text box, type: myPassword,phone and then answer the telephone. Or as another example, to use a passcode, for example “12345”, in the Password text box, type: myPassword,12345.

Detailed Instructions for Authenticating via LDAP

  1. Start logging on to the service that you want, and when prompted, enter your VT Username (PID).
  2. Fill in the password box.
    • To authenticate with a push notification:
      1. In the password text box, type: ABC,push but replace ABC with your passphrase.
        (Note the comma and no spaces.)
      2. Click the appropriate button to submit your credentials.
      3. On your phone, when the push notification appears, accept the Duo push notification.
    • To authenticate with a SMS text message:
      1. In the password text box, type: ABC,sms1 but replace ABC with your passphrase.
        (Note the comma and no spaces.)
      2. Click the appropriate button to submit your credentials.
      3. You will see an error indicating invalid credentials.
        (This is normal, because the password text box must be cleared so that you can type a passcode.)
      4. You will receive an SMS text message that starts with "SMS passcodes:" to your primary mobile phone. Open that text message. The text message will contain 10 different passcodes that are each 6-digits long.
      5. In the password text box, type: ABC,XXXXXX but replace ABC with your passphrase (note the comma and no spaces.), and replace XXXXXX with one of the 6-digit passcodes from the SMS text message.
    • To authenticate with a voice phone call:
      1. In the password text box, type: ABC,phone but replace ABC with your passphrase.
        (Note the comma and no spaces.)
      2. Click the appropriate button to submit your credentials.
      3. The primary telephone number associated with your Duo account will ring. Answer the telephone.
      4. Press one of the number keys on the phone to confirm the authentication.
    • To authenticate with a YubiKey:
      1. The YubiKey must be previously registered with Duo as AES. U2F tokens will not work. For instructions, see Enrolling a YubiKey as AES/OTP to Use in Any Browser.
      2. In the password text box, type your passphrase.
      3. Click the appropriate button to submit your credentials.
      4. Tap your YubiKey.
    • To authenticate with a 6-digit passcode from the Duo mobile app:
      1. On your mobile device, start the Duo mobile app.
      2. In the Duo mobile app, tap the key.
      3. In your browser, in the password text box, type: ABC,XXXXXX but replace ABC with your passphrase, and replace XXXXXX with the 6-digit passcode.
        (Note the comma and no spaces.)
      4. Click the appropriate button to submit your credentials.
    • To use a 6-digit passcode from a D-100 token or a software token:
      1. Use the D-100 token or the software application to generate a 6-digit code.
      2. In the password text box, type: ABC,XXXXXX but replace ABC with your passphrase, and replace XXXXXX with the 6-digit passcode.
        (Note the comma and no spaces.)
      3. Click the appropriate button to submit your credentials.
  3. You will now be logged on to and transferred to the service to which you were going.

Top of the page

Search words: two-factor, two step, multi-factor, 2FA, sign in

Top of the page