What is Two Factor Authentication?

Duo Two-Factor Authentication

Duo Two-Factor Authentication

Home
DUO Users Guide
FAQ

What is Two Factor Authentication?

Page Content

Sign Up for Duo here!

Two factor authentication is login process that requires two out of the three elements described below:

Something You Know
This is typically a password or a PIN code you memorize

Something You Have
This is usually a card, ID badge, or a piece of hardware like your phone

Something You Are
This can be a finger or palm print

Duo uses your smart phone as a second factor to strengthen our existing authentication system. Detailed questions about Duo Security’s implementation of two factor authentication can be found here.

Two Factor FAQ Duo Enrollment FAQ

+ Expand All

Two factor sounds complicated – is it?

Not really, you’ve done it before because using your bank card at the ATM is a two factor transaction. You need both your bank card (something you have) and your PIN (something you know) to use the ATM. Just having your bank card or knowing your PIN is not enough to use the ATM.

Why do we need “Two Factor”?

Adding the second factor to passwords protects the security of our network and patient data by guaranteeing that guessing or stealing someone’s name and password are not enough to access patient data by someone outside the hospital environment. It will also allow us to implement new features like Electronic Prescribing on Controlled Substances (EPCS) because we can further verify the identity of prescribing physicians.

If you still have questions about two factor here is an informative video from Duo Security:

Click here to watch "What is Two-Factor Authentication" video

Otherwise link to webpage below:

https://duo.com/why-duo/why-two-factor-authentication-2fa-b

What is Duo?

Duo Security is a company that provides a service that allows us to leverage the modern smartphone as your second factor – something you have – to make two factor quick and easy.

If you still have questions about Duo Security’s implementation of two factor here’s more:

https://duo.com/why-duo/why-two-factor-authentication-2fa-b

What logins will I need to use two factor for?

For the initial rollout we are focusing on external access to the network so Health Systems VPN and access to Citrix (CWP) from outside the hospital environment and these will use Duo. New initiatives like EPCS for prescribing doctors will also use Duo.

Will I need to remember another password?

No, Duo two factor does not involve passwords.

Will I need to answer another set of security questions?

No, there are no security questions.

How do I enroll/sign-up if I’m not already in Duo?

Install the Duo application on your phone from your Appstore. When your account is provisioned in Duo to will receive an email – individual to you – that will allow you to take a picture of your computer screen using the Duo app. That’s it.

I deleted my email or I’m having problems enrolling. What do I do?

Call the Helpdesk (3HELP) and they can resend your email or get you the help you need.

What about the RSA in front of Citrix right now?

Duo will replace the current RSA and security questions system.

Do I need to install anything on my computer to log in via Citrix or VPN?

No access will continue exactly as it right now only adding a moment of two factor at login.

Will Citrix access from within the hospital require Duo?

No, only access of Citrix (CWP) from outside the network will require Duo.

Do I need to install anything on my phone?

Yes, you will need the Duo app available for iOS, Android, Windows Phone and Blackberry.
(Will MDM be offering the application as self service? Address MDM?)

What if I don’t have a smartphone?

If you don’t have a smartphone and external access to the medical network is critical to your job function talk to your manager about possible replacement hardware.

What if lose my phone or don’t have it to do the second authentication?

Call the Helpdesk (3HELP) to get a temporary emergency replacement code.

What if my phone is lost or replaced?

Call the Helpdesk (3HELP) so they can delete your old phone and replace it when you’re ready.

Do you track my location?

No. The Duo logs of second factor login attempts provides broad geographic information – city, country – for security reasons but even these log reports are available only to Duo administrators.

Can you see anything on my smartphone?

No. Within the administrative interface Duo reports on the model, software version and Duo app version of your phone but that is all.

+ Expand All

Why does the Duo application need access to my camera?

Duo needs access to the camera during the enrollment process to shoot the code for Duo registration. On iOS you can disable camera access after enrollment in Settings >Duo Mobile.

[Android settings need information.]

Do I want Push notifications? What is are Push notifications?

Yes, we recommend Push notifications. Push notifications are the fastest and easiest way to confirm Duo requests and is the preferred method and it will work with all Duo services.

Publishing Content Two

ELIGIBILITY

All current UC Health staff members

REQUIREMENTS

Support Phones:

- iOS devices: iOS 8.0 or higher

- Android devices: Android OS 4.4.1

- Windows Phones

- Blackberry

SUPPORT

For assistance, please submit a request to 3HELP.

Contact UC San Diego DUO