What is Multi-Factor Authentication?

Multi-factor authentication (MFA) requires you to verify your identity using one or more factors in addition to username+password, such as your phone or other mobile device. This process prevents anyone but you from logging in, even if they know your password.

How does Duo work?

This video helps illustrate how the process will work.

Why are we implementing MFA?

Multi-factor authentication will add an additional layer of security to LC State accounts. Passwords are increasingly easy to compromise. They can often be stolen, guessed, or hacked - you might not even know someone is accessing your account. Multi-factor authentication helps keep your account secure even if your password is compromised.

What is the timeline and scope?

Testing and opt-in
IT will conduct internal tests to determine the best method for deploying MFA. Once this method has been tested and refined, members of the LC State community will be provided with instructions and invited to begin using MFA at their own pace. Following this "opt-in" period, deadlines will be announced for departments to initiate use of MFA. After this date, employees will receive prompts to enroll in Duo when attempting to access certain applications.

Email (Office 365) | Colleague | Other applications to follow
Office 365 will be the first application to be integrated with MFA. Colleague and other applications that use the LC State username and password will be added later. Throughout the deployment, IT will seek to minimize disruption to your routines and workflows, while gradually introducing the security enhancements provided by multi-factor authentication.

How do I get started (opt in)?

Watch this 35 second video to get a quick demo of the enrollment process.

Detailed instructions for enrolling your smartphone.

What if I don't enroll by deadline?

MFA will be activated on X (date is still being determined) and if you have not enrolled in Duo by then, you will be prompted to enroll the next time you access your Office 365 applications.  Please enroll by X date to prevent disruption to your account

What should I choose for a second factor?

We strongly recommend you choose your smartphone as it provides the best experience with Duo multi-factor authentication.  This device will need to be with you when you need to access your Office 365 applications.

If you are unable to download the Duo Mobile app because your smartphone is not supported or you don't have a smartphone, then you can utilize a USB security key. The security key will be purchased by your department and costs $90.

How often will I be prompted for a second factor?

The policy is set to every 14 days, but some circumstances may require you to log in more often, including: clearing the browsing history; accessing certain websites; using certain browser settings; using more than one device and web browser.

What if I forget or lose my two-factor device?

Contact the Help Desk to request a temporary bypass code to log in.

What should I do if I don't get a notification I'm expecting?

Open the Duo Mobile app and the push should be there waiting. If it still doesn't appear right away, you can "drag" the Duo Mobile screen down to force a refresh and the prompt should appear as expected. Also check "Notifications" on your phone to make sure you are allowing Duo Mobile to notify you.

What do I do if I get a random Duo Push when I'm not trying to log in?

If you get a random Duo Push, please use the deny button to reject the Duo multi-factor authentication and report it to IT.