Duo 2FA: How to Authenticate
What to Expect with Duo Two-Factor Authentication
When accessing a website that utilizes two-factor authentication, users will first log in using their CSU credentials.
Enter your NetID and password, click Login.
Note: At times, the Duo prompt may not store your login information and will ask you to enter your credentials again.
- If when the Single Sign-On page appears and it prompts you to enter your email address, enter it in the “netid@colostate.edu” format, where “netid” is replaced with your NetID.
- Click Next.
- Enter your NetID password when prompted.
- Click Log in.
After logging in, the Duo Universal prompt automatically selects the user’s default authentication method.
The image below shows a user who has Duo Push as their default method.
To use a different authentication method, click “Other options” to display all other devices you have set up.
Once you have authenticated with your selected method, you will be logged in to the application.
Options for Duo Authentication:
- Send Me a Push – Using the Duo Mobile App
- Easiest, fastest method
- Enter a Passcode – Using the Duo Mobile App or Hardware Token
- Great when you’re outside of cellular reception
- Hardware Tokens
Expand the sections below for details on what to expect when you authenticate with each method.
-
DUO Universal Prompt (default)
The Single Sign-On screen may prompt you to enter your email address. Enter it in the format “netid@colostate.edu”, where “netid” is replaced with your NetID.
Click Next.
Enter your NetID password. Click Log in.
After you have logged in with your NetID and password, Duo will automatically select your default authentication method.
The screenshots below show one user with the security key as their default and another user with the Duo Push as the default.
To use a different authentication method, click “Other options”.
Once you have authenticated with your selected method, you will be logged in to the application.
-
Send me a push
Important: If a notification is ever received when you are not trying to log in, click the “Deny” or “I’m not logging in” button.
When using the Duo push option for most applications, you’ll need to enter a verification code from your device into the application you’re trying to access to complete the authentication.
The prompt on the screen will display a three-digit verification code and instruct you to input it into the app. Once you have entered the code, click “Verify”.
Once the code is accepted, you will be logged into the requested website.
_______________________________________________________________
Some applications will continue to use the Approve/Deny functionality. To approve the login request from the push notification for those applications, select “Tap to View Actions” then tap “Approve”.
To approve the login request in the Duo Mobile App, open the app and tap the Approve button at the bottom of the screen.
Once the notification has been approved, you will be logged into the requested website.
-
Enter passcode with DUO Mobile App
Open the Duo Mobile App on your device, then tap “Show” next to the Passcode section.
The Duo Mobile App will populate a 6-digit code under the Colorado State University account.
Enter the 6-digit passcode from the Duo Mobile App into the passcode textbox and then click the Verify button.