Two-factor authentication (2FA) adds a layer of security when you sign in with your UW NetID. First, you’ll enter your password, then use your 2FA device to confirm it’s really you.
Overview
Getting started
You have to set up and have a 2FA device with you to sign in with 2FA. Refer to the 2FA home page to set up 2FA devices.
When do I sign in with 2FA?
You will be asked to sign in with 2FA when you access a system that requires it.
Steps
Follow these steps using a browser and your 2FA device:
- Browse to the system or application that requires signing in with 2FA. It will initiate the process of signing in.
- Sign in with your UW NetID and password, as usual.
- You will be automatically prompted for 2FA. The options depend on what type of device(s) you have set up, as well as your last used 2FA device. If you set up more than one device, you can choose the device you want to use by selecting “other options”.
- Send Me a Push – Select this option if you set up a smartphone or tablet to use Duo Mobile and your device has an internet connection. Duo will send your device a push notification. On your device, approve the request to continue.
- Use your Platform Authenticator – Select this option if you set up your device for platform authentication. Duo will use your device to approve your 2FA request. On your device, approve the request to continue.
- Enter a Passcode – Select this option when you have no internet connection or cellular coverage, or if you use a hardware token. If you set up a smartphone or tablet, launch Duo Mobile on your device, tap the bar containing “University of Washington”, and Duo Mobile will generate and display a passcode to use. If you’re using a hardware token, press the button on your hardware token to generate a passcode. Enter the passcode and click Log In to continue.
- Universal 2nd Factor (U2F) – If you set up a U2F device and you’re using a compatible browser, tap or insert your U2F device to continue.
- Call Me – Select this option if you set up a smartphone or you set up a mobile phone or landline, and you want to confirm it’s you by receiving a phone call. Duo will call you. Answer your phone and follow the instructions on the call to continue. Note this option only works with phone numbers in the US and parts of Canada.
- Select “Yes, this is my device” if you’re browsing on a computer or device that you can trust to protect your browser. This option reduces how often you have to sign in with 2FA on the same web browser by allowing Duo to “remember me”.
- If successful using your 2FA device to confirm it’s really you, sign-in is complete. Your browser will continue to the system or application that initiated the sign-in process.
Troubleshooting
I don’t have my 2FA device with me
If you don’t have any of your 2FA devices with you, contact us. We’ll verify your identity over the phone and give you a temporary bypass code to sign in with 2FA. If your 2FA device is lost or stolen, refer to our info on lost or stolen 2FA devices.
I took too long to sign in, and it timed out
If you don’t approve a push notification or phone call within the allowed time, your request will time out. If this happens, try again by selecting “Send Me a Push” or “Call me” a second time. Or start the sign-in process again from the beginning.
My passcode is incorrect
If you enter an incorrect passcode, sign-in will fail. Generate a new passcode from Duo Mobile or your hardware token and try again.
My hardware token stopped working
Hardware tokens can get “out of sync” if the button is pressed too many times without signing in. Refer to our information on hardware tokens to learn how to resynchronize your hardware token.