Duo Verified Push will soon feature an extra step of security in the Two-Step Login for all IU students, faculty, affiliates and staff, beginning Feb. 13. This new step will be activated for IU Login, IU Azure (Microsoft 365 suite) and other applicable IU services, according to an IU press release.
When users log in to an application with Duo Verified Push, they will be given a 3-digit number on whatever device they are attempting to log on. They must enter that code into their Duo Mobile app to approve the login. If the user presses the “remember me” button, they won’t have to enter another number for 30 days.
This added level of security provides an additional layer of protection against online attackers sending false Duo pushes in attempts to access IU accounts. It also allows users to stay logged in for a longer period.
Outdated Apple devices will need Duo Mobile version 4.17.0 on iOS 15 or a newer version, while Androids will need Duo Mobile version 4.16.0 on Android 11 or a newer version to use Duo Verified Push. For these older devices, users will have to request a single-button hardware token. The physical token will provide a passcode when a Duo Push is prompted. Students may also request an exemption from the University Information Technology Services (UITS) Support Center or an IT Pro. Any staff not included in the previous expansions will now be included in this new update.
The University Information Security Office encourages users to upgrade from older devices that no longer run the required software.
