Multifactor Authentication — Duo
Also known as MFA, two-factor authentication, TFA, Duo and two-step verification.
Multifactor authentication (MFA) uses multiple proofs of identity to ensure you are authorized to access the service or resource that you are requesting.
These proofs include more than one of:
- something you know (a secret piece of information, such as a password)
- something you have (a token, card or device)
- something you are (a biometric measurement or representation)
CUIT uses Duo as the MFA service to verify your identity for Columbia’s centralized applications. With Duo, you can use a mobile app, or a phone call to authenticate. Duo can be combined with other authentication factors like username and password authentication to create multifactor authentication. Most people use Duo via the mobile app, Duo Mobile, which runs on a variety of smartphones and tablets.
Duo multifactor authentication will soon be required for access to all CAS-protected services, including Columbia Health, View Your Paycheck, Courseworks and others.
Authentication is the process of ensuring that something is genuine. Username and password authentication uses a shared secret (the password) to establish that a user of an application is actually who or what the user claims to be.
Multifactor authentication (MFA) uses multiple forms, or factors, of proof, including:
- Something you know (a secret like a password)
- Something you have (a token, card or device)
- Something you are (a biometric measurement or representation)
The number and independence of the authentication factors add to the degree of confidence we have in the identity of the person or thing. This degree of confidence is sometimes called the level of assurance. A multifactor authentication is said to have a higher level of assurance than an authentication that uses a single factor.
Duo is a service that can use a mobile app, a token, or a phone call to authenticate you. It can be combined with other authentication factors like username and password authentication to create multifactor authentication. Most people use Duo via the mobile app, Duo Mobile, which runs on a variety of smartphones and tablets. Here are descriptions and screenshots of Duo Mobile for Android and Apple iOS.
Duo has been added to Columbia's CAS authentication service to create multifactor authentication for web browser-based applications. It is required for all CAS logins for faculty, staff and students. Duo authentication has also been added to Remote Desktop Protocol (RDP) logins for CUIT-managed Windows servers, logins to CUIT-managed Linux hosts including cunix, VPN logins, and logins to various other services.