- Academic Affairs
- Administration and Finance
- Center for Health and Homeland Security
- Center for Information Technology Services
- Communications and Public Affairs
- Community Engagement
- Government Affairs
- Human Resource Services
- Office of Philanthropy
- Operations and Planning
- Police and Public Safety
- President's Office
- Research and Development
- University Counsel
Multi-factor authentication requires something you know (your UMID password) and something you have (like a smartphone or tablet app, or a mobile phone or landline phone) as an added layer of security to prevent anyone else from accessing your account. Multi-factor authentication is one of the most effective methods to prevent phishing, helping to protect you and the UMB community. Duo is the multi-factor authentication solution at UMB.
Passwords are essential for security and privacy, but they are often not enough. They can often be stolen, guessed, and hacked — you might not even know who else has your password and is accessing your account. Multi-factor authentication adds a second layer of security to your account to make sure that it stays safe, even if someone else knows your password, by using your phone or other device to verify your identity. You will be alerted right away (on your phone — mobile or landline — or tablet) if someone tries to log in using your password. This prevents anyone but you from accessing your accounts.
All UMB faculty, staff, and students will eventually bw required to enroll in Duo to access MFA-protected applications. The first phase of implementation will be restricted to highly privileged users of eUMB and SIMS/Banner, Office 365, ImageNow, and VPN.
Duo's self-enrollment process makes it easy to register your phone or tablet and install the application on your device. You can complete your enrollment here. After completing the process, you can test the authentication process by visiting this link.
If you do not self-enroll before your account has been enabled to use Duo, you will be redirected to the enrollment process the first time you try to log in to a Duo-enabled system.
FAQs and Tips
You can use a landline or a tablet. Duo also lets you link multiple devices to your account, so you can use your mobile phone, a landline, and/or a tablet. We suggest that you enroll more than one device for redundancy in the event that a device is lost or unavailable.
If none of these options is available to you, you can be issued a hardware token, or "fob." Please coordinate with your local school or department IT team for approval:
- HS/HSL — M.J. Tooey
- School of Dentistry — Kent Buckingham
- School of Law — Simon Canick
- School of Medicine — Scott Stefan
- FPI — Ben Sfanos
- School of Nursing — IT Help Desk
- School of Pharmacy — Tim Munn
- School of Social Work — David Pitts
Contact the Help Desk via email or call 410-706-4357 immediately if you lose your phone or suspect that it has been stolen. The device will be disabled for authentication and you will be assisted in enrolling another phone/device. While it is important that you contact the Help Desk if you lose your phone, remember that your password will still protect your account.
If you get a new phone, you will need to reactivate Duo Mobile. This can be done through our Account Management site. When accessing the portal, you will need to complete the two-factor authentication process. If you have a second device, you can use it to authorize. Otherwise, you will need to choose the option to have Duo call your phone before you can reactivate Duo mobile.
If your account has been enabled to use Duo as the second factor, you will log in to the system as you usually do. You will then be prompted to enter the second factor.
You will be prompted to select which Device you wish to use (Android, token, etc.) and to choose an Authentication Method (Duo Push, Call Me, etc.) depending on the device and method:
- Duo Push: Duo will send a notification to the Duo app on your mobile device. You will then select Approve and Confirm.
- Call Me: Duo will call the phone number and ask you to confirm or deny your identity.
Below the list of authentication methods is a check box labeled "Remember me for 10 hours." Select the check box if you want that device to be remembered for 10 hours.
Here is the Duo login as seen in a Shibboleth-protected system, like the myUMB Portal:
Here is the Duo login in Office 365, via https:\\portal.office.com, for a user who has not yet setup Duo.
Clicking on Start Setup will step you through the Enrollment process, described in greater detail here: www.umaryland.edu/cits/services/duo/enrollment/
Here is the Duo login in Office 365 for a user who has already set up Duo:
Here is a short video that shows how to register for and use Duo: http://cf.umaryland.edu/ondemandtraining/duointro02/duointro02.html.
Your local IT support team and CITS IT will be conducting demonstrations of the setup and use of MFA at several locations around campus. The current schedule is available here: http://www.umaryland.edu/cits/services/multi-factor-authentication/.
You will have six chances to authenticate a request. After the sixth chance, your multi-factor account will be locked and you will not be able to access the system you are attempting to log into.
Your multi-factor account will automatically unlock after 10 minutes. If you continue to have issues, you will need to contact the Help Desk via email or 410-706-4357 for assistance with your account.
The myUMB Portal, SIMS/Banner, Office 365, ImageNow, and VPN will be the first systems to be protected by multi-factor authentication.
Deny the request and report the incident to the Help Desk immediately via email or by calling 410-706-4357.
No. Two-factor authentication adds a second layer of security to our online accounts. In an effort to keep your personal account information secure, we are requiring two-factor authentication on selected services.
If you travel internationally and need access to resources protected by Duo, you may wish to set your two-step verification method to Duo Mobile Passcode. Using Duo Mobile Passcode (available for smartphones or tablets), you can generate authentication codes even if you don't have an internet, Wi-Fi, or cellular connection. Please note that if you're traveling internationally (or have an international phone number) and are using text messages as your method of two-step verification, you may be subject to your carrier's roaming charges for SMS messages. Use of SMS is not recommended for international travelers.
It is important to enroll more than one device (such as a smartphone and desk phone) in MFA to avoid difficulties authenticating if you lose or don’t have your only enrolled device with you.
Duo will never ask for your user ID and password. If you receive such a request, do not respond.
We recommend that you have two devices registered with Duo in case one device is unavailable. In the event that you can't access your account due to your device(s) being unavailable, please contact the IT Help Desk via email or at 410-706-4557 for a temporary bypass code to allow access to your accounts.