Troubleshooting & Frequently Asked Questions

Duo is a tool that provides multi-factor authentication (MFA) to better protect your account by requiring additional information beyond your username and password. When you access certain CSU System services—including Microsoft 365 applications (OneDrive, Teams, etc.), university email accounts, CSU’s GlobalProtect VPN, HR, and Banner—you will be required to use a mobile phone, security key or hardware token to verify your identity. This provides an additional layer of security for your account. How do I get started? To use Duo, you must attach a mobile phone, security key or hardware token to your account on the NetID website. It is recommended to attach multiple devices in case your primary device is inaccessible. Use the following articles to learn how to attach a device to your Duo account: How do I register and activate the Duo Mobile app? How do I register a security key for Duo? How do I register a hardware token for Duo? Once you have successfully registered at least one device, you can test your account by logging out of and back into the NetID website. For instructions on how to use Duo to log in, see How do I authenticate with Duo?. Support If you require assistance with Duo, please submit a help request.

When you log in to CSU System applications and services that are protected by Duo, you will be redirected to the Duo Universal Prompt and asked to authenticate using one of the following methods: Duo Push: Sends a notification to the Duo Mobile app on your smartphone or tablet. To approve the login request, tap the "Approve" button in the notification. Some CSU System applications and services use Duo Verified Push, which displays a three-digit code in the Duo Universal Prompt. Instead of simply tapping the "Approve" button, you will be required to enter this three-digit code into the notification. If you don't receive the push notification, you can also approve the request from within the Duo Mobile app. Open Duo Mobile and tap the "Approve" button at the bottom of the screen. Duo Push requires that your mobile device is connected to the internet via a cellular data plan or WiFi. An international data plan should work. If your mobile device cannot connect to the internet, use a Duo Mobile Passcode instead. Important: If you ever receive a notification when you are not trying to log in, click the Deny button on your device. Duo Mobile Passcode: Open the Duo Mobile app on your smartphone or tablet, and click the "Show" button under your account. Enter the six-digit code shown into the Duo Universal Prompt to log in. Security Key: Connect your USB security key to your computer, and follow the instructions in your browser; this may entail tapping the key or pressing a button. Hardware Token Passcode: Press the button on your hardware token and enter this code into the Duo Universal Prompt to log in. Hardware tokens are available for purchase at RAMTech in the Lory Student Center. Tokens can get “out of sync” if the button is pressed too many times in a row and the generated passcodes aren’t used for login. This causes the token to generate codes not accepted by Duo. Please submit a help request if your token is out of sync. Bypass Code: These special codes can only be generated for you by DoIT's Duo administrators. You may need to input a bypass code if you contact the DoIT Help Desk. Duo will automatically select your default authentication method; to use a different authentication method, click Other options. Once you have authenticated with your selected method, you will be redirected back to the application. Note: Do NOT select "Approve a request on my Microsoft Authenticator app". This method is not supported by the Division of IT and will prevent you from successfully accessing the application you are trying to log into. See the following articles to learn more about registering a device for use with Duo: How do I register and activate the Duo Mobile App? How do I register a security key for Duo? How do I register a hardware token for Duo? Support If you require assistance with Duo, please submit a help request.

This article guides you through registering a security key for Duo multi-factor authentication (MFA) at Colorado State University. A security key is a USB device that must be connected to your computer for use with Duo, available for purchase at your campus bookstore or technology store. Security keys cannot be used with remote devices (e.g., RDP, SSH, websites visited on a VM). Hardware tokens are also available for purchase at your campus bookstore or technology store for those who need remote access but do not wish to use Duo Mobile. Prerequisites You will need access to a previously established Duo authentication method (e.g., Duo Push or passcode). Instructions Navigate to https://netid.colostate.edu/ and log in with your NetID and password. When the Duo prompt appears, select Other options. From the options menu, navigate to the bottom and select Manage Devices. To proceed, authenticate using a previously established method or a bypass code generated for you by the Division of IT Help Desk. Once authenticated, select Add a device from the Manage Devices menu. In the add device menu, select the Security key option. At the set-up security key menu, click Continue. This will open a popup in your browser with the message "duosecurity.com wants to see the make and model of your security key". Plug your USB security key into your device and touch it to activate it when prompted. If successful, a message will confirm that the security key was added. Click Continue. Related Articles For instructions on using your security key, see: How do I authenticate with Duo? For instructions on registering the Duo Mobile app: How do I register and activate the Duo Mobile App? Support If you require assistance with Duo, please submit a help request.

This guide will walk you through registering and activating the Duo Mobile app on your smartphone or tablet for multi-factor authentication (MFA) at Colorado State University. Prerequisites You will need two devices: the smartphone or tablet you wish to attach to your account, and a second device (i.e. a laptop or computer) used to attach it. Please make sure Duo Mobile supports your device before installing the app: Which versions of iOS does Duo Mobile support? Which versions of Android does Duo Mobile support? Instructions 1. Install Duo Mobile on your smartphone or tablet: Duo Mobile for iPhone Duo Mobile for Android 2. Register your smartphone or tablet: Log in to the NetID Two-Factor Authentication (Duo) page with your NetID and password. Click on the Register Device link on the right side of the Two-Factor Authentication page. Provide a unique Device Name (e.g., Cam's iPhone14). Click on the Type dropdown and select Duo Mobile App. Click on the Platform dropdown to select the device platform (e.g., Apple iOS, Google Android, etc.). Click the Save button to save the device information. After saving, the page will refresh to the Two-Factor Device Activation page with a barcode displayed. Leave this page open and move to the next step. 3. Activate Duo Mobile: Open the Duo Mobile app on your device. Tap + Add next to the Accounts section. Use the Duo Mobile app’s barcode scanner to scan the barcode displayed on the Two-Factor Device Activation page. Once the device activates, the Duo Mobile app will display Colorado State University as an account. Click on Return to display your registered devices. Related Articles For instructions on how to use the Duo Mobile app, see: How do I authenticate with Duo? Support If you require assistance with Duo, please submit a help request.

This article guides you through registering a hardware token for Duo multi-factor authentication (MFA) at Colorado State University. A hardware token is a small device used exclusively to generate six-digit codes for use with Duo. Hardware tokens are available for purchase from RAMtech and the CSU-Pueblo Bookstore, and are automatically attached to your Duo account at point of sale. Related Articles For instructions on how to use the hardware token, see: How do I authenticate with Duo? For instructions on registering the Duo Mobile app: How do I register and activate the Duo Mobile App? Support If you require assistance with Duo, please submit a help request.