IT Connect
Information technology tools and resources at the UW

Use the “remember me” option

Use the “remember me” option to reduce how often you have to sign in with two-factor authentication (2FA) on the same web browser. It’s safe to use on trusted computers, and lasts for 30 days.

Recommended use

Use “remember me” on trusted computers

The “remember me” option is safe to use on computers and devices that you can trust to protect your browser. Examples include managed workstations at work, lab computers that require you to sign in, as well as personal computers, laptops, tablets, and mobile devices that protect your browser from use by others.

Do not use “remember me” on public or shared computers

The “remember me” option shouldn’t be used on computers and devices that don’t protect your browser, such as public or shared computers, and computers you don’t sign in to and cannot lock to protect your browser.

Frequently asked questions

What is the “remember me” option?

The “remember me” option tells your browser to remember that you have confirmed your identity using your 2FA device. If you select this option, you won’t have to use your 2FA device as often on that browser. For example, if you use it on your computer at work, it reduces how often you have to sign in with 2FA at work; but your laptop at home will still ask you to sign in with 2FA.

Why would I want to use it?

The “remember me” option saves you time and reduces distraction by reducing how often you have to use your 2FA device. If you routinely use the Duo callback method, it also saves the UW money in telephony costs.

Where is “remember me” displayed?

The “remember me” option is displayed when you sign in with UW NetID on the web. On most browsers, it is represented as a checkbox that says “Remember me on this browser”.

Refer to How to sign in with 2FA for instructions on using the “remember me” option within the context of the overall sign-in experience.

How long does it last?

The “remember me” option lasts 30 days. It saves a secure cookie on your browser to track the time until you need to use your 2FA device again.

How do I clear it on my current browser?

If the “remember me” option is enabled on the browser you’re using right now, go to idp.u.washington.edu/forgetme to clear the “remember me” option. To clear it on other browsers, repeat this process on each of them. 

How do I use “remember me” with Duo’s automatic “Send me a push” and “Call Me” methods?

If you have configured Duo to automatically send you a push notification or call you, the Duo screen and the “remember me” checkbox will be displayed in your browser until you approve the push or answer the call.  Just check the “remember me” box before completing the push or phone call.

Is “remember me” safe? Doesn’t it defeat the purpose of 2FA?

The “remember me” option is safe to use on computers and devices that you can trust to protect your browser. It doesn’t defeat the purpose of 2FA because the convenience it provides is limited to each computer and browser that you choose to use it on. If you or anyone else tries to sign in with your UW NetID on a different computer or browser, 2FA will be required.

Why is the “remember me” duration 30 days?

30 days is the current “remember me” duration because it is often enough to remind you that 2FA is turned on, but not so often to be annoying. While some institutions use shorter or longer durations, 30 days is a common duration at peer institutions.

Troubleshooting

I’m using the “remember me” option, and I still have to use my 2FA device more often than every 30 days. Why is that?

Some system owners require you to reauthenticate with 2FA every time you access their systems, regardless of your use of the “remember me” option. This can increase how often you have to sign in with 2FA. Other contributing factors include how many different computers you use, how many different browsers you use on these computers, whether or not you use the “remember me” option on all of them, how your browsers are configured to use cookies, and how often you clear your browser cookies.

Why do some system owners override the “remember me” option and reauthenticate me every time I sign in?

System owners decide to reauthenticate you based on what institutional and personal data they need to protect, and what threats and risks they need to guard against. Some of them reauthenticate you because they are concerned about unauthorized access from unattended browser sessions, and forcing you to reauthenticate is one way to reestablish that it’s really you.

Why isn’t the “remember me” option working for me? Are there things that prevent it from working correctly?

The “remember me” option requires the use of browser cookies, so it may not work as expected in these circumstances:

  • You cleared your browser cookies
  • You started using a different browser
  • You started using a different computer or device
  • You are using a private browsing mode
  • You disabled use of browser cookies
  • Your browser doesn’t allow cookies to be saved
  • You use a browser extension that blocks cookies
Last reviewed February 27, 2020