IT Connect
Your connection to information technology at the UW

Azure AD 2FA authentication

The Azure AD domain supports two 2FA providers: Duo and Azure MFA. In all scenarios, this only covers web-based methods.

Duo is the primary 2FA provider at the UW and the default choice with Azure AD. Azure MFA is used for Azure AD only user accounts or for other unique scenarios.

There are 2 general scenarios for 2FA with Azure AD:

  1. On a per-user basis, you can enable Duo with Azure AD, via ‘Opt in to use 2FA on the Web’. This will enable 2FA for all web applications that use Azure AD for authentication.
  2. On a per-application basis, you can require Duo. See for more info.

The typical sign-in experience for a federated Azure AD user account with Duo 2FA enabled is detailed here.

Enabling ‘UW Duo 2FA for the web’ does not cover all experiences in the Microsoft ecosystem–read this doc for more.

Last reviewed May 29, 2020