ITS Home  |  Services  |  Self Help  |  Governance  |  Support  |  Contact     

Multi-Factor Authentication (Duo) FAQ

What is multi-factor authentication (MFA)?

Multi-factor authentication, also sometimes referred to as two-step or two-factor authentication (2FA), is a security method that requires an individual to provide two or more forms (also called factors) of authentication to verify their identity in order to access a particular resource. These forms of verification may include a password, a code sent via text, or a code sent via telephone.

How does MFA work?

MFA is commonly used for resources like email or online banking, that contain sensitive or private information. Each time an individual logs in to an account with MFA, they must first provide their username and password (one form of authentication), then follow a prompt to send a code by telephone or text to the mobile device they have on file (second form of authentication). This method verifies that the person who entered the username and password is actually the owner of the email or bank account and should be allowed to access it.

How is MFA used at Cal Poly?

Cal Poly students, faculty and staff are required to verify their identities with Duo when logging in to any web-based resource that requires a username and password, including My Cal Poly Portal, Canvasemail and calendar, and more. If you have not already set up MFA, you will be prompted to do so when you try to access any resources behind a Cal Poly login. MFA is required for all Cal Poly accounts, except for shared club/department accounts.

Do I have to use MFA every single time I log in to email and the Portal?

No. When you log in to Cal Poly resources and authenticate with Duo, you will see a screen that asks, “Is this your device?. If you click Yes, this is my device, it will save your response for 30 days, so you won’t have to keep authenticating each time you log in for that 30-day duration. If you select
”No, other people use this device, then you will still need to authenticate each time you log in.

How do I set up Duo MFA?

Check out our article, Set Up Multi-Factor Authentication (Duo), to walk through the process of getting started with Duo and enrolling the device you want to use to authenticate.

What kinds of devices can I use with Duo to verify my identity?

You can use a mobile phone, a tablet, a landline, a tokenTouch ID, or a security key with Duo. The device you choose to authenticate with must first be set up through the My Cal Poly Portal. If at any point you need to change the device you use to authenticate with Duo, you must update your authorized device in the My Cal Poly Portal.

I don’t have a mobile device, what are my options?

Any member of the Cal Poly community can request and receive a token to use with Duo at no cost. Tokens generate an authentication code without an internet connection or cell signal. You can request a token online via Support Center. Tokens are sent by mail from the Service Desk and may take up to five days to be delivered to you. Duo also allows for physical authentication by tapping a compatible security key, which you can purchase, or using a built-in biometric authenticator, like Touch ID, which is available on some laptop computers.

How does MFA make Cal Poly accounts more secure?

Passwords are becoming increasingly easy to compromise. MFA adds another layer of protection to Cal Poly accounts, making it much more difficult for unauthorized people to gain access. While they may know your password, they won’t be able to recreate a second authentication factor, like a code that has been texted to you. Using MFA is now standard practice at most universities, including all 23 California State University campuses.

How will I be able to share my Cal Poly log-in with my parents?

Educational records are private and protected under the Family Educational Rights and Privacy Act (FERPA). Students can share their Cal Poly information with trusted recipients, such as parents or scholarship donors, using Share My Info. Share My Info is a Cal Poly web application that lets a student grant access to specific records or information to one person or a group of people.

What is Duo Universal Prompt?

On Feb. 19 2024 the authentication screen updated. It’s still the same Duo you know and trust, just with a more streamlined design and enhanced security.

  • Log in to an application with Duo as you usually would. If you are due for a Duo push, the Universal Prompt will automatically replace the traditional prompt, changing the look of your login page. 

  • Duo’s Universal Prompt will present the most secure method to authenticate your identity.
    (Choosing the default option is recommended for the first time. )

  • Duo will remember your choice and present that method the next time you log in.

    You will notice visible changes on the log-in prompt. See the sample sequence of screenshots below for a preview of the new look compared to the old:

New Look

Old Look

The inititial login screen is the same as the old look. After you enter your username and password, then click Login button you will see the new look as shown in the screenshots below…


Duo may present you with the PassKey/Touch ID option at first. If you don’t have a Passkey to use, simply click Close.  Then click Other options and choose your preferred authentication method.



Now Duo’s new universal prompt displays the most secure method for you to authenticate. You may choose Other options as well from this screen.



This screen is displayed when you click Other options.



After you log in you’e asked to notify Duo whether this is your device to keep the settings for your convenience. If you are using a lab computer/other device, you now have the option to indicate that so after you are finished the next user will get a new authentication prompt from Duo.





After the first time, this is what the prompt looks like with the Remember me checkbox.
(Duo Push shown below as one example, authentication method varies based on user preference)



For More Technical Details Visit: Duo Universal Prompt - Guide to Two-Factor Authentication · Duo Security

Request Support  |  805-756-7000  |  Service Catalog

Site Map  |  Privacy Notice  |  Web Accessibility Statement  |  © 2024 California Polytechnic State University