IT Connect

Information technology tools and resources at the UW

How to sign in with 2FA

Two-factor authentication (2FA) adds a layer of security when you sign in with your UW NetID. First, you’ll enter your password, then use your 2FA device to prove it’s really you.

Overview

Getting started

You have to set up and have a 2FA device with you to sign in with 2FA.

Refer to the 2FA home page to set up 2FA devices.

When do I sign in with 2FA?

You will be asked to sign in with 2FA when you access a system that requires it.

Steps

Follow these steps using a browser and your 2FA device:

  1. StepsActions
  2. Browse to the system or application that requires signing in with 2FA. It will initiate the process of signing in.
  3. Sign in with your UW NetID and password, as usual.
  4. Choose the sign-in option you want to use for 2FA. The options depend on what type of device(s) you have set up, as well as your 2FA settings. If you set up more than one device, choose the device you want to use. If you changed the default settings to automatically initiate your preferred sign-in option, you won’t need to choose your device or sign-in option.
    1. Send Me a Push – Select this option if you set up a smartphone or tablet to use Duo Mobile and your device has an internet connection. Duo will send your device a push notification. On your device, approve the request to continue.
    2. Call Me – Select this option if you set up a smartphone or you set up a mobile phone or landline, and you want to prove it’s you by receiving a phone call. Duo will call you. Answer your phone and follow the instructions on the call to continue.
    3. Enter a Passcode – Select this option if you set up a smartphone or tablet to use Duo Mobile. This option works even if your device has no internet connection or cellular coverage. Launch Duo Mobile on your device, tap the key icon next to “University of Washington”, and Duo Mobile will generate and display a passcode to use. If you’re using a hardware token instead of Duo Mobile, press the button on your hardware token to generate a passcode. Enter the passcode and click Log In to continue.
    4. Universal 2nd Factor (U2F) – If you set up a U2F device and you’re using a compatible browser, tap or insert your U2F device to continue.
  5. If successful using your 2FA device to prove it’s really you, sign-in is complete. Your browser will continue to the system or application that initiated the sign-in process.

Troubleshooting

I don’t have my 2FA device with me

If you don’t have any of your 2FA devices with you, contact the UW-IT Service Center. They can verify your identity over the phone and give you a temporary bypass code to sign in with 2FA. If your 2FA device is lost or stolen, refer to our info on lost or stolen 2FA devices.

I took too long to sign in, and it timed out

If you don’t approve a push notification or phone call within the allowed time, your request will time out. If this happens, try again by selecting “Send Me a Push” or “Call me” a second time. Or start the sign-in process again from the beginning.

My passcode is incorrect

If you enter an incorrect passcode, sign-in will fail. Generate a new passcode from Duo Mobile or your hardware token and try again.

My hardware token stopped working

Hardware tokens can get “out of sync” if the button is pressed too many times without signing in. Contact the UW-IT Service Center to resynchronize your hardware token.