Two-Factor FAQs

Two-Factor Authentication Banner

Frequently Asked Questions

Once you enroll in two-factor, you cannot un-enroll or stop using two-factor unless you transfer to another school, stop attending 惇蹋圖, or stop working for the University.

You are only required to enroll one device, but we highly recommend that you consider whether you should have two devices enrolled in case your primary device is lost, stolen or damaged.

The Duo Mobile app on a smartphone or tablet is the most convenient method for most people, but you can enroll hardware and software tokens as well. When you're enrolling, choose the best option available to you.

Not necessarily. There are two ways to activate a smart device when you enroll:

  • Scan a QR code - In order to scan the code, you need to initiate enrollment from a device that is not your smart device (in most cases, a computer). The computer screen will display the code for you to scan in order to activate the Duo Mobile app on your smart device.
  • Use an activation URL sent to you by text - If you are enrolling from your smart device, you have the option to activate the device by text.

Using the Duo Mobile app on a smartphone to receive "push" notifications or generate passcodes is the most flexible, convenient and secure option for most people. However, there are other options, like SMS text messages or hardware tokens, that do not require use of a smartphone.

If you get a push notification from Duo that you did not request or don't expect, deny the request. Then change your MIDAS password for good measure.

Device Management

To add a new device, go to and log in.

  • Select 'My Account'
  • Select 'Account Settings'
  • Select 'Two-Factor Authentication Options'
  • Select 'Manage Devices'
  • Click on 'Add another device' and follow the prompts.

If you have a new smart device or phone with new phone number, update your two-factor authentication options in MIDAS:

  • Go to and log in.
  • Select 'My Account'
  • Select 'Account Settings'
  • Select 'Two Factor Authentication Options'
  • Select 'Lost Phone/Tablet' and follow the prompts to remove the old device/phone.
  • Select 'Manage Devices'
  • If prompted, authenticate using your other enrolled device then select 'Start setup'.
  • Follow the prompts to add your new device/phone.

If you have a new smart device and need to activate it, update your two-factor authentication options in MIDAS:

  • Download and install the DUO mobile app to your smart device if you have not done so already.
  • Go to and log in.
  • Select 'My Account'
  • Select 'Account Settings'
  • Select 'Two-Factor Authentication Options"
  • Select 'Manage Devices'
  • Select 'Enter a Passcode' for authentication method and select 'Text me new codes' at the bottom. Enter code that was sent via text message and select 'Log In'.
  • Select 'Device Options' next to the device, then select 'Reactivation Duo Mobile'
  • Follow the prompts to add your new device.

If you no longer have your smart device, or have lost access to this device, update your two-factor authentication options in MIDAS:

  • Go to and log in.
  • Select 'My Account'
  • Select 'Account Settings'
  • Select 'Two-Factor Authentication Options'
  • Select 'Lost Phone/Tablet' and follow the prompts to remove the device.

Contact the ITS Help Desk (757-683-3192) for available options until you either find or replace your device.

If you accidentally delete your device from MIDAS, re-add it as if it were a new smartphone or tablet (instructions above).

Once you have re-installed the Duo Mobile app to your device, reactivate your device using the same instructions for replacing a smart device (above).

General Usage

No. Your MIDAS ID and password are verified within 惇蹋圖. Duo only interacts with your second factor.

We collect your IP address during authentication, along with your phone make and model. Only the ITS Duo Security administrators can access this information. ITS is not monitoring your mobile device, nor can we control or manage your device remotely.

No. The Duo Mobile app does not grant 惇蹋圖 any access to your device. Neither Duo nor 惇蹋圖 can access any information on your device or remotely wipe your phone. ()

You must have mobile data or WiFi access on your mobile device in order to receive a push notification from Duo Mobile. (This uses minimal data, and 惇蹋圖 provides free WiFi on campus.) However, you can use the passcode option without an internet connection. See for more information.

This is why we recommend enrolling more than one two-factor device. If you find yourself without your second factor, contact the ITS Help Desk for assistance.

  • Enroll multiple devices.
  • Click the "remember me" button on the two-factor authentication page.

Troubleshooting

Duo can text codes (ten at a time) to your cell phone. Generate the codes ahead of time, then write them down and take them in to the exam with you. Each code will work one time. Find more information about SMS passcodes .

If you are traveling overseas, or will be without internet/network/cellular service, you can still use the Duo Mobile app to generate a code. If you will not have a mobile device at all, you may want to enroll a hardware or software token. Contact the ITS Help Desk if you have any questions.

Your token can get "out of sync" if the button is pressed too many times in a row and the generated passcodes aren't used for login. In some cases this can happen by accident if the token is stored next to other objects in a pocket, backpack, etc. To fix the issue, generate and enter three passcodes in a row. The first two attempts will fail, but the token should realign itself by the third attempt.

Example:
Generate a code --> Enter code --> Attempt will fail
Generate second code --> Enter code --> Attempt will fail
Generate third code --> Enter code --> Success!

You need to allow to send you notifications. If you do NOT allow this feature, you will not receive push notifications when you attempt to log in. Either change the notification settings for this app on your device, or open the Duo Mobile app manually each time you need to authenticate.