Duo - How to Login with Multi-Factor Authentication

Overview

This article describes how to login through the UH Login portal through the different MFA options provided. University of Hawai'i ITS strongly recommends (link) that you set up at least 2 Duo devices.

• Remembered Devices
• Duo Push
• Phone Call
• SMS Text Codes
• Duo Mobile Passcode
• UH YubiKey Hard Token

Remembered Devices

When you successfully autneticate with Duo, you will be prompted to select Yes, this is my device or No, other people use this device. For all the methods below, you can choose do this step at the end, depending on if you are using a personal or shared device.

• If you click on the Yes, this is my device choice, you will not be prompted again to authenticate with Duo for 7 days. This is recommended for personal devices.
• If you click on No, other people use this device, you will not be asked this question again for 7 days, and will be presented with Duo each time you login. This is recommended for shared devices.

You can be presented with the Yes, this is my device / No, other people use this device choice again, if you clear your browser’s cookies/cache, . This can be done if you accidentally chose the wrong option.

Back to Top

Duo Push

If you have a Duo Push device setup, then Duo will default to automatically sending you a push the first time you login.  

A notification will appear on your Duo Push device:

• iOS: Press and hold on the notification, then tap on Approve to approve or Deny if it is a fraudulent request. You may have to unlock your device.
• Android: Tap on Notifications. You may have to unlock your phone. Tap on Approve to approve or Deny if it is a fraudulent request.

For further information on the Duo Mobile app, please refer to Duo's guides:

iPhone: https://guide.duo.com/iphone
Android: https://guide.duo.com/android

Back to Top

Phone Call

If authenticate using the phone call option:

1. A phone call will be placed to your phone. 
2. Answer the call, then press 1 on the mobile phone's keypad to approve or press 9 to report a fraudulent request.

Note: if you have a Duo Push device setup, you will first have to click on Other options before you can use the phone call method.

Back to Top

SMS Text Codes

To authenticate using SMS codes:

1. To select SMS text codes the first time you login under the UP, you will need to click on Other options.
2. Then, click on Text message passcode.
3. A passcode will be automatically sent to your phone.  Enter this passcode and click on Verify.
4. Optionally, and if it appears, click on the Yes this is my device option if you are using your own computer. This will prevent the Duo UP from prompting again for 7 days. 
5. If it is not the first time you are using SMS passcodes, the following screen will appear instead. Click on Send a passcode.
6. A passcode will be automatically sent to your phone.  Enter this passcode and click on Verify.

Back to Top

Duo Mobile Passcodes

This method is only available if you have set up the Duo Mobile app:

1. The Duo Mobile app can generate passcodes that will allow you to login. These passcodes can be generated even if your smartphone or tablet does not have wifi or cellular data service. At the Duo Push screen, click on Other options.
2. Click on Duo Mobile passcode.
3. Open the Duo Mobile app on your phone or tablet. If needed, expand the "University of Hawaii" section so that the (6 digit) code is displayed.
4. Enter the displayed code into the Passcode box, and click Verify.

Back to Top

UH YubiKey Hard Token

The UH YubiKey hard token is a USB device that you would insert into your computer's usb port. You would then "touch" a specific area of the YubiKey hard token to authenticate. UH YubiKey hard tokens must be purchased through the ITS Site License office, you will not be able to use YubiKeys purchased through other sources.

To authenticate using a hard token, follow these steps:

1. Insert the hard token into your computer's USB port prior to any login attempts.
   • Note for macOS users: the first time you insert a hard token into a Mac, you may be told, "Your keyboard is unrecognizable" or "Your keyboard cannot be identified". This message can be ignored; close the window by clicking on the red dot in the upper left.
2. If it is the first time you are trying to authenticate using a hard token, you will need to click on Other options when you get to the Duo MFA window.
3.  At the next screen, click on Yubikey passcode.
4.  You will see the following screen: "Enter Your Passcode"
5. Click within the Passcode box so that there is a cursor blinking in the box.  Press down on the token's gold area with any finger.
6. A (long) code will automatically be entered into the box, and the Verify button will automatically be pressed, and you should now be logged in.

​​​​​​​Back to Top