Accounts & Access Management
Passwords aren’t getting the job done to protect the university and you against cyber attacks.
Two-Factor Authentication (2FA) boosts protection of your account from hackers. We are all used to having one layer of security — our password — to protect our accounts. With 2FA, if the hackers have your password, they will still need your phone or passcode to get into your account. It is important to never accept a DUO push unless you initiated it.
- Students will enroll for 2FA the day after registering for classes for the first time.
- Staff, Faculty, and Members will enroll for 2FA the first time they log into their account.
- Alumni and Retirees, two-factor authentication now required for all alumni, retiree, and emeritus email accounts.
When using 2FA, you’ll be required to use two different sources (factors) to verify your identity:
- Something You Know – your username and password
- Something You Have – a phone or passcode, to authenticate and gain access to an account. For example, this may be a smartphone or tablet using an app or a hardware token device.
The university has engaged Duo Security to provide two-factor authentication services. There are three ways you can use two-factor authentication to log in to your accounts.
Duo Push (Preferred Method) – Install the Duo Security Mobile app on your smartphone to receive push notifications. Once this is installed, and you attempt to login to UT applications, you’ll receive a push notification on your smartphone. Open the notification, and you’ll see a green checkmark and a red “X”. Simply tap the green checkmark to gain access. Using the Duo app also adds an extra physical layer of security to any smartphone with a passcode enabled.
Passcodes – Use the Duo Security mobile app to generate temporary passcodes. This option does not require WiFi or data, so this is a great option if you’re traveling or if you have limited or no cell/internet service. Open your Duo mobile app, tap the key icon, and it will reveal a passcode. Log into the application, choose the enter a passcode option, enter the code, and you’re in!
Hardware Token – If you do not have a smartphone, you can request a hardware token from IT in M101. The hardware token will generate temporary passcodes.