What is Two-Step Login?
NOTE: Effective Sept. 15, Two-Step Login users who choose the phone-call authentication method will press “1” to complete authentication or “9” to cancel authentication and report the authentication attempt as fraud.
To better protect your information, the University of Iowa uses Two-Step Login as an extra layer of security on select websites and services.
Using Two-Step Login helps keep academic and personal data safe—opt-outs aren't permitted. Passwords provide only so much protection—even the strongest ones can be stolen. Requiring login verification from a device only you possess (for example, your mobile phone) prevents hackers from accessing your accounts and pretending they’re you.
Chances are you already use two-factor authentication systems with your bank and even your social media accounts. Your employment or academic records, bank account numbers, and other sensitive information stored in UI systems deserve the same protection.
If your HawkID account becomes compromised, at best it will prevent you from accessing UI systems temporarily while you work with security experts to resolve the problem. In the worst cases, hackers have stolen thousands of dollars by redirecting bank deposits—the risk is real.
The university uses Duo Security tools—including the Duo Mobile app—to administer the Two-Step Login process. We recommend using the Duo Mobile app to complete your logins because it is safer, faster, and the most reliable way to complete two-step logins. If you’re currently using phone calls or other methods, switch to push notifications now.
For step-by-step instructions on how to enroll in Two-Step Login using the Duo Mobile app, watch this how-to video:
UI faculty and staff are required to use Two-Step Login when accessing Employee Self-Service, ICON, MAUI, Office 365 products, and other systems.
Frequently Asked Questions
Past 90 Days
Effective Sept. 15, Two-Step Login phone-authentication methods will change. Users who select the “call-me” option to authenticate their logins will be prompted to press “1” to complete authentication or “9” to cancel authentication and report it as fraudulent.
As a part of an ongoing effort to enhance security on campus, beginning August 1, 2020, Two-Step Login will be required to access several electronic research administration services, including: UIRIS, eIACUC, eCOI, HawkIRB, eIBC, eDSP, and myPortal.
ITS will complete upgrades during this maintenance window. The HawkID password reset tool (https://hawkid.uiowa.edu) and Duo admin tools will be unavailable.
To increase security measures and reduce phishing on campus, Two-Step Login with Duo Security will be enabled for Office 365 web services for users currently enrolled in Two-Step on June 25.
Expected user experience:
- https://office365.uiowa.edu will prompt for Duo two-step login during each visit. It is possible to select “Remember me for 30 days.”
- Most connected clients (OneDrive for Business, Outlook, Mobile Email, Skype for Business, etc.) will not prompt for Duo two-step login. These clients already have cached credentials that should remain valid. Some of these clients will prompt for Duo in the future during an event such as a HawkID password change.
- Some client software tools (Outlook for Windows, Thunderbird, Android Mail, Skype for Business) are not currently compatible with Duo two-step login. We’ve configured the system to allow these clients to function without Duo.
To increase security measures on campus, UI Anywhere VPN users will be required to use Two-Step Login/Duo to verify and complete their VPN connections starting May 16. Find instructions for logging into the VPN using Two-Step Login for more information.
Duo has resolved this issue.
We are currently experiencing latency issues with Duo multi-factor authentication. The vendor is working to resolve these issues as quickly as possible.
This issue has been resolved.
There is currently an issue with DUO Two Step Authentication. ITS is working to resolve the issue.
Two-factor authentication will be unavailable due to a vendor database capacity upgrade.
The vendor has fixed the latency problems and service has been fully restored. Please contact the ITS Help Desk if you have any further issues using this service.
The two-step login service is experiencing latency issues. After login there is a delay before you can access the service.
This issue is resolved. Please contact the ITS Help Desk if you experience any further issues using the Two-Step login service.
Users are reporting issues authenticating with Two-Step login. Upon login the Two-Step page that appears is blank. Support staff are working on the issue.
Maintenance is scheduled for the Two-Step Login service. We expect the service to continue working as expected during this time.
This issue has been resolved. Please contact the ITS Help Desk if you experience any further issues using the Two-Step login tools.
We are currently experiencing issues with Two-Step login (Duo) for text messaging and phone calls. Support staff are working on the issues.
We are currently experiencing issues with the Duo Two-Step Login service. ITS support staff are working with the vendor to fix this problem as quickly as possible.
The Duo-Two Step authentication service using phone calls is not working. Customers receive a message saying "Error during call: Insufficient telephony credits." when trying to place a call for authentication. ITS support staff are working to resolve this problem as quickly as possible.
We will update this notice as soon as more information is available.