- Academic Affairs
- Accountability and Compliance
- Administration and Finance
- Center for Health and Homeland Security
- Center for Information Technology Services
- Communications and Public Affairs
- Community Engagement
- Government Affairs
- Human Resource Services
- Office of Philanthropy
- Operations and Planning
- Police and Public Safety
- President's Office
- Research and Development
- University Counsel
Duo is the University of Maryland's solution for multi-factor authentication.
What is Duo?
Multi-factor authentication (MFA) requires something you know (your UMID password) and something you have (like a smartphone or tablet app, or a mobile phone or landline phone) as an added layer of security to prevent anyone else from accessing your account. Multi-factor authentication is one of the most effective methods to prevent phishing, helping to protect you and the UMB community. Duo is the multi-factor authentication solution at UMB.
Passwords are essential for security and privacy, but they are often not enough. They can often be stolen, guessed, and hacked — you might not even know who else has your password and is accessing your account. Multi-factor authentication adds a second layer of security to your account to make sure that it stays safe, even if someone else knows your password, by using your phone or other device to verify your identity. You will be alerted right away (on your phone — mobile or landline — or tablet) if someone tries to log in using your password. This prevents anyone but you from accessing your accounts.
All faculty, staff, and students will eventually be required to enroll in Duo to access MFA-protected applications. The first phase of implementation will be restricted to highly privileged users of eUMB and SIMS/Banner, Office 365, ImageNow, and VPN.
How do I use Duo?
You can use a landline or a tablet. Duo also lets you link multiple devices to your account, so you can use your mobile phone, a landline, and/or a tablet. We suggest that you enroll more than one device for redundancy in the event that a device is lost or unavailable.
If none of these options is available to you, you can be issued a hardware token, or "fob." Please coordinate with your local school or department IT team for approval:
- HS/HSL — M.J. Tooey
- School of Dentistry — Kent Buckingham
- School of Law — Simon Canick
- School of Medicine — Scott Stefan
- FPI — Ben Sfanos
- School of Nursing — IT Help Desk
- School of Pharmacy — Tim Munn
- School of Social Work — David Pitts
If your account has been enabled to use Duo as the second factor, you will log in to the system as you usually do. You will then be prompted to enter the second factor.
You will be prompted to select which Device you wish to use (Android, token, etc.) and to choose an Authentication Method (Duo Push, Call Me, etc.) depending on the device and method:
- Duo Push: Duo will send a notification to the Duo app on your mobile device. You will then select Approve and Confirm.
- Call Me: Duo will call the phone number and ask you to confirm or deny your identity.
- Passcode: For more information on passcodes, visit here: www.umaryland.edu/cits/services/duo/faq/bypass-codes-and-SMS/.
Below the list of authentication methods is a check box labeled "Remember me for 10 hours." Select the check box if you want that device to be remembered for 10 hours.
Here is the Duo login as seen in a Shibboleth-protected system, like the myUMB Portal:
Here is the Duo login in Office 365, via https:\\portal.office.com, for a user who has not yet set up Duo.
Clicking on Start Setup will step you through the Enrollment process, described in greater detail here: www.umaryland.edu/cits/services/duo/enrollment/
Here is the Duo login in Office 365 for a user who has already set up Duo:
Effective March 5, 2018, the VPN client will prompt all users for Group, Username, Password, and Second Password. Options for Second Password include:
- this sends a DUO confirmation request to the DUO Mobile app on your phone or tablet
- enter the passcode generated on the DUO Mobile app or hardware token
- visit www.umaryland.edu/cits/services/duo/faq/no-duo-mobile-and-VPN/ for alternatives to the DUO Mobile app
To change the device settings for your DUO account, or to set up your DUO account for the first time, log in to https://directory.umaryland.edu and click on Multi-Factor Authentication.
Here is a short video that shows how to register for and use Duo: http://cf.umaryland.edu/ondemandtraining/duointro02/duointro02.html.
If you get a new phone, you will need to reactivate Duo Mobile. This can be done through our Account Management site. When accessing the portal, you will need to complete the two-factor authentication process. If you have a second device, you can use it to authorize. Otherwise, you will need to choose the option to have Duo call your phone before you can reactivate Duo mobile.
Contact the Help Desk via email or call 410-706-4357 immediately if you lose your phone or suspect that it has been stolen. The device will be disabled for authentication and you will be assisted in enrolling another phone/device.
While it is important that you contact the Help Desk if you lose your phone, remember that your password will still protect your account.
It is important to enroll more than one device (such as a smartphone and desk phone) in MFA to avoid difficulties authenticating if you lose or don’t have your only enrolled device with you.
To add a backup device, follow the procedures listed here - www.umaryland.edu/cits/services/duo/existing-user/.
We recommend that you have two devices registered with Duo in case one device is unavailable. In the event that you can't access your account due to your device(s) being unavailable, please contact the IT Help Desk via email or at 410-706-4357 for a temporary bypass code to allow access to your accounts.
You will have six chances to authenticate a request. After the sixth chance, your multi-factor account will be locked and you will not be able to access the system you are attempting to log into.
Your multi-factor account will automatically unlock after 10 minutes. If you continue to have issues, you will need to contact the Help Desk via email or 410-706-4357 for assistance with your account.
Deny the request and report the incident to the Help Desk immediately via email or by calling 410-706-4357.
If you travel internationally and need access to resources protected by Duo, you may wish to use a passcode as your two-step verification method. Using the Duo Mobile app (available for smartphones or tablets), you can generate authentication codes even if you don't have an internet, Wi-Fi, or cellular connection.
To generate a passcode using the Duo Mobile app, simply launch the app, then click on the key icon next to University of Maryland, Baltimore.
Then enter the displayed code when prompted for Second Password, or Enter Passcode.
You can find additional information on Passcodes here: www.umaryland.edu/cits/services/duo/faq/bypass-codes-and-SMS/.
Please note that if you're traveling internationally (or have an international phone number) and are using SMS, or text messages, as your method of two-step verification, you may be subject to your carrier's roaming charges for SMS messages. Use of SMS is not recommended for international travelers.
The myUMB Portal, SIMS/Banner, Office 365, ImageNow, and VPN will be the first systems to be protected by multi-factor authentication.
No. Two-factor authentication adds a second layer of security to our online accounts. In an effort to keep your personal account information secure, we are requiring two-factor authentication on selected services.
Duo will never ask for your user ID and password. If you receive such a request, do not respond.