We strongly recommend enrolling at least 2 devices to ensure that you are able to access Duo at all times - even if you have lost your smartphone or are working somewhere with no cell service. Because so many authentication options are available, we expect that every user will be able to find at least 2 methods that work for them.
Please note: It is possible to remove a device from your Duo Device list; but once you have opted in to Duo Security at Sign in, it is not possible to opt out or remove your account.
Which devices should you enroll?
Smartphone or tablet
Smartphones and tablets are the most popular tools to enroll in Duo, because they are easy to use when authenticating (and because users often carry a mobile device at all times). Read Enroll a Mobile Device to begin.
Several authentication methods are available with a smartphone or tablet:
- use the Duo Push feature
- generate a one-time-use passcode
- have Duo call you (for US and Canadian phones) - just answer and tap any key.
Note: If you are enrolling a new phone (but already have a Duo account), you can use these instructions.
Non-smart cellphones
You don't need a smartphone to stay secure with Duo! Enroll your non-smart cell phone and when asked to choose your authentication method, select the Call Me. Then answer the phone! When you hear an automated voice, press any number key on your phone to authenticate your identity.
For times when you do not have cell service, a landline or self-generated Duo bypass codes are great backup options. They come in single-use sets of ten and are good for one year (365 days). Print them and keep them someplace safe.
Landline phone or Google Voice
These are good choices if you work somewhere with no cell service or don't have a smartphone or tablet. They are also excellent backup choices; if you forget your mobile device, you can still authenticate using Google Voice on your computer or on a campus-issued landline. Finally, they're a good choice for low-vision or no-vision users. Read Add a Landline Authentication to begin.
Note: University accounts created after March 2019 are ineligible for Google Voice.
To authenticate with a landline or Google Voice
Use the Call Me option. Answer the phone! When you hear an automated voice, press any number key on your phone to authenticate your identity.
Security Key (U2F token) (desktop computer or laptop)
Security keys (also known as U2F tokens), may be a good choice for low-vision users, people who do not have smartphones or tablets, and people who work in areas with no cell service or wifi. You must provide your own Security Key. You can purchase one from most electronics retailers. You can set it up yourself by following these instructions. A U2F token plugs into your USB port and when tapped (or when the button is pressed) sends a signed response to Duo to validate your log in.
- The University of Minnesota currently supports security keys (U2F tokens). However these devices work only with the following browsers: Google Chrome version 41 or later or Opera version 40 or later.
- There is no charge for this service, aside from the cost of the Security Key itself
To authenticate with a security key:
There are several types of security keys, and each one has its own instructions. Usually, you will insert your security key into your computer's USB drive and then tap a flashing light on the security key
Hardware token
Duo hardware tokens are small fobs that generate passcodes. They are suitable as a primary device for users who do not have (or prefer not to use) mobile devices. The University does NOT recommend using a hardware token as your backup device
- Each hardware token is tied to one user. The passcodes generated by that token can only be used by that user
- We recommend requesting a token only if you have a business need or are unable to use Duo on other devices
- To request a token, visit a walk-in location. You can also request a hardware token and verify your identity via video; call 1-HELP ((612) 301-4357) to initiate that process
Note: Hardware tokens:
- have an expected battery life of 2-3 years; and
- can get out of sync if the button is pressed many times and the codes are not used (this can occur if you carry your token at the bottom of a bag, or if someone presses the button frequently without using the codes)
- Contact Technology Help if the codes your token generates are not working
To authenticate with a hardware token:
Duo will display a passcode on your token. Type the numbers you see on the token into the Duo screen on your computer. Be sure you are holding the token with the green button on the left and the Duo logo above the numbers!
Additional Information
Setup & Use Two-Factor Authentication (Self-Help Guide)
Use Two-Factor Authentication for all University Sign-in Pages