Multi-Factor Authentication

Frequently Asked Questions

How do I set up my cell phone for DUO?

Using the following guides, based on the type of phone that you have. There is an Android guide and an iPhone guide.

Do I have to use Multifactor Authentication (MFA)?

Yes. All employees will be required to utilize MFA in order to gain access to OneUSG/PeopleSoft (HCM and Financials). This is a requirement for all institutions within the University System of Georgia (USG). Therefore, in order to satisfy the ultimate goal of safeguarding accounts and ultimately the safety of our data resources as an institution, Gordon State College (GSC) will be required to follow the same requirements like all other USG institutions.

What is MFA, exactly?

Essentially, MFA requires two or more forms of authorization when you log into a system online. In systems that implement MFA, you will enter your password as usual and will then be prompted for a secondary form of authorization such as a notification on your personal phone, a text message to your personal phone, a phone call to your personal phone, a phone call to a desk phone, or through a code or button press on a hardware device. Once this is complete, you will be granted access to the system and will not have to re-enter either form of authorization while you using that system.

Do I have to use a smartphone?

No, you can use any physical device such as your tablet, landline phone, hardware token, or security key to verify your identity. One can choose to receive a call to their cell or landline. One can choose to receive a code via SMS (text messaging). If allowed and/or purchased, a hardware token or security key can also satisfy this MFA verification. However, it is highly recommended that employees utilize their personal smartphones to receive a free “push” notification and therefore a simple acknowledgement on your phone satisfies verification of a proper two-factor authentication. This requires the free Duo App to be installed and configured with your account. This is the quickest and least intrusive method.

Is MFA (Duo) Flexible?

Two-Factor Authentication (2FA) does not have a single mandatory means of use. Duo allows an individual to select from several options for a primary means of 2FA and a backup. You are free to choose the method that works best for you.

Is Duo Push the easiest option?

We strongly suggest that you try the ‘Duo Push Notification’ option first and give it a week. Based on feedback from other USG schools that have implemented DUO, users reported that this option was by far the least intrusive and easiest way to sign-in. The push notification typically appears instantly and the authentication process completes less than two or three seconds after pressing the “Accept” button.

What are my options if I often work from a single office?

Some staff and faculty members with significant administrative duties spend most of their time in an office, or teach mostly online from a GSC or home office, might choose to have a desk phone as the primary means of MFA.

What does the Duo app cost?

Duo Mobile is a free download. It requires permission for push notifications and to use the camera (since taking a picture of a QR code is part of setup process). It uses very little data. According to Duo’s online documentation, 500 push notifications in a month (16 a day) would use 1 MB of data. (see

What if I have no cell or wifi?

As long as you are using the Duo app, it can be used to generate a passcode if you do not have cell service or wifi connectivity.

Which applications will require MFA access?

Currently, MFA will only be required for OneUSG Connect/PeopleSoft beginning on June 11th, 2019. Additional systems will be added over time.

How often will I be prompted for MFA?

Depending on several factors a person may, or may not, be prompted to provide the MFA verification each time during the day. The general expectation is that if you sign out of a MFA application and close the web browser, you will be required to perform MFA verification when signing in again.

Where will I be prompted?

In order to satisfy the ultimate goal of safeguarding all accounts and ultimately the safety of our data resources as an institution, GSC will be required to follow the same requirements like all other USG institutions. Therefore, each person will need to verify their identity through this MFA account access process each day on each different system and for each different web browser. No workstation can be trusted unfortunately.

What are my options in a “worst-case” scenario where I have no way to use Duo?

If your primary method of MFA is not functioning properly, you can call the Information Technology Department and request a temporary bypass code.

Why is Duo asking for access to my camera?

One of the methods for enrolling your account in Duo MFA utilizes your phone’s camera to finalize registration of your device to setup your Duo account. During setup, you may be prompted to allow access to your camera for this process. After enrollment is complete, you can disable access to the camera under your phone’s settings section.

How do I change a method, update a setting, or add a new phone or backup device?

In order to update your MFA method after you have already enrolled in DUO, you will need to contact the Information Technology Department.

Why am I seeing security warnings?

Duo will prompt you with security warnings if the computer or device you’re using has one or more out-of-date web browsers or your operating system is out-of-date. GSC IT always recommends that you keep your devices up to date in order to ensure they are protected with the latest security fixes. If you encounter a Duo security warning on a GSC computer, please contact our help desk so that we can resolve the issue.

What if I encounter cellular connectivity issues?

If you regularly work in an area with connectivity issues, wifi issues, or low phone reception, you can still sign-in using the six digit passcodes generated in the Duo mobile app, a hardware token, or U2F security key.

What if I have an old smartphone or “flip-phone”?

If you do not have access to apps on your phone, you can choose to receive texts, phone calls, use a desk phone, or use a hardware token or U2F security key for Duo.

What if I don’t want to use my personally-owned device for this?

If, for whatever reason, you are uncomfortable with having a work-related app or work-related texts or calls on your personal device, you can choose to use a desk phone or a hardware token/U2F security key (if approved).

Can I use a hardware token?

You can use a supported hardware token or U2F security key with Duo.

Preferred Option

A physical U2F security key can satisfy this MFA verification. Those are available for retail purchase. A recommended Universal 2nd Factor (U2F) security key is the YubiKey 5 NFC from Yubico. Please note that U2F security keys may offered limited compatibility with specific devices or applications and are only fully supported in Google Chrome (Firefox now works after some local configurations are applied).

A limited number of Hardware Tokens will be available for check-out once a completed MFA Hardware Token Request form has been submitted for employees who are unable to use a personal smartphone, a landline/office phone, or choose to not use a personally owned device for MFA.  We would like to encourage everyone to please consider all other options first so that these devices will be available for employees who need them.

How do I use MFA while traveling?

There are several factors to be noted when traveling. As long as you have service as normal, you can authenticate as you always do. Otherwise, there are a few possible scenarios available:

  • If no cell service or wifi connectivity, you can use the app to generate a passcode.
  • If hardware tokens are allowed and you have one registered, you can use the token to generate a passcode.
  • A “bypass” code can be generated via special approvals prior to a trip to be utilized (contact the Information Technology Department).

What kinds of data does Duo track?

Duo only tracks sign-in and device registration information for systems that use single sign-on (SSO) with MFA. Duo tracks mostly the same information as other applications the college uses when you sign in, including: your username, registered device, browser version and IP address. Duo does not capture or store college data.

Who do I contact for assistance?

Contact IT via to create a ticket. Tickets can be handled by any IT staff member, this is usually the fastest path to resolution. If you feel your situation is more of an emergency situation with the technology, call 678-359-5008.