Improving online security with two-step login

by Lenette Votava

Computer

Protecting your personal information and Notre Dame’s most sensitive data from cyber-attacks continues to be a top priority. Two-step login has been implemented to provide an extra layer of protection around this data. More than 8,000 staff members have been using it for a year or longer. As of February, over 2,000 faculty members and over 13,000 students are now using two-step login.

The two-step login process requires a second way to verify your identity before allowing access to a service. The second verification from a previously identified device — such as your cell phone, landline or tablet — can significantly reduce the risk of identity theft.

Some important tips to keep in mind when using two-step login:

• Get in the habit of taking one of your enrolled mobile devices with you anywhere you need to access an ND service on a computer (office, classroom, home or when you are traveling). If you misplace, lose or break your only enrolled device, you will have to contact the OIT Help Desk for assistance.

• Be sure to enroll at least two devices. You can enroll additional devices on your device management page (twostep.nd.edu) such as:
• Mobile phone
• Office phone
• Tablet
• Phone number of a trusted colleague, administrative assistant or spouse.

If you get a new phone:
• With the same phone number: You need to reactivate your new phone on your device management page.

• With a different phone number: You need to add the new phone number to the device management page and remove the phone number from the phone you no longer have.

• When you are required to do two-step login on one of your own devices, be sure to check the box titled “Trust this device for 30 days.” If you log in to other two-step enabled services on this device and the same browser, you will not have to do the second step for 30 days.

• If you don’t have access to any of your enrolled devices, there are a variety of options you can use to help you log in to a two-step enabled service:

• If you know in advance that you will be away from your devices and you have the Duo mobile app installed on your smartphone, you can generate a one-time use passcode.

You can record that passcode somewhere (perhaps on a slip of paper in your wallet) and keep it as a backup.

• If someone else has access to one of your enrolled devices, you could contact that person at the time you are attempting to log in, and ask them to respond to the Duo notification on that device.

• If you are trying to log in during normal business hours, you can contact the Help Desk and ask them to authorize you to create a one-time passcode on your computer. You can use this passcode to log in to more than one device (laptop, tablet); however, it will only be active for 24 hours.

Note: The Help Desk will need to verify your identity, usually by presentation of a photo ID, or identifying someone else on campus who we can contact that will recognize your voice.

If you have any questions, contact the OIT Help Desk at 574-631-8111 or oithelp@nd.edu, or go to ntrdame/twostepinfo.