"Duo Security" is a cloud computing service that provides a second login step for additional security protection when accessing important systems and services, sensitive institutional data, and personal information. This function we call "Two-Step Login" which pairs something you know (HawkID & password) with something you have (an enrolled device) to complete a secure login.
When you login to a web site or application that is enabled for Two-Step Login, you are prompted to verify that the login is being made by you (using a device that only you control), and not by an unauthorized person attempting to login with a stolen HawkID and password.
Duo offers several options to verify that logins are legitimate:
- a mobile push notification with one-tap verification of identity on a smartphone (requires installation of the free Duo Mobile app)
- a one-time code generated in the Duo Mobile app on a smartphone (tap the green key symbol)
- a one-time code generated by Duo and sent to a cell phone or tablet via text message
- a telephone call to a landline phone that will prompt you to verify the login request
In practice, you enter your HawkID and password normally, and then select the method to verify the login request is actually from you. If you have multiple devices enrolled (recommended) your default device is always selected, but you can change to another enrolled device for that login using the drop-down list. You choose a method (push-notification, text message, phone call, or a one-time code) that is supported by the device type to gain secure, verified access to an application.