Duo Security: Two-Factor Authentication

Two-factor authentication is available for active faculty, staff and students at Single Sign-on, and is required for various university systems log-ins. Two-factor authentication protects users from unauthorized access to CWRU accounts, in the event that a password is compromised. 


Duo Security: Start Guide

Quickly and simply configure DUO security 2-factor authentication for use with your cell phone, landline, smartphone, tablet, laptop or hardware token.

Duo Security: Overview


Duo Security: Training Videos

Watch our training videos for step-by-step instructions on enrolling and using Duo Security two-factor authentication at Case Western Reserve.

Duo Security: Training Videos


Duo Security: Enroll Your Device

Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.

Enroll Now


Duo Security: Lost or Stolen Phone

Even if you lose your phone, remember that your password will still protect your account.

What to do now.


What is Two Factor Authentication?

Two-factor authentication provides added security by prompting you to enter a unique code at sign in, in addition to your password. The unique code, generated by your phone, is used only once. You can prompt the code from a device of your choosing (typically your smartphone). Using the Duo Mobile smartphone app (for iOS, Android) is the simplest and preferred method for obtaining the second-factor codes, but tokens and other methods are available.

Theft of Credentials is Common

  • A user can be tricked into giving away their Network ID and passphrases through a malicious email or phishing or other online scams (View phishing examples here).
  • Many people reuse passwords or passphrases on other websites (Amazon; LinkedIn). If compromised, attackers often publish or sell the passphrases (infosecurity-magazine.com/news/linkedin-breach-weak-passwords).
  • A user shares their Network ID and/or password (in violation of CWRU policy) with someone else.
  • A user logs in from an infected computer where attackers continue to run and record keystrokes of the users' passwords and/or passphrases (Keylogger).