To protect against recent cyber threats, NAU is enhancing Duo Two-Step Verification protections for the NAU community.\u00a0<\/em> <\/span><\/p>\n Beginning on August 16th of 2024, NAU computers will require authorization through Duo to complete the login process. After you enter your NAU username and password on your device\u2019s login screen, a Two-Step Verification prompt will be sent to your authorized Duo device for approval. Once you approve this prompt, you can finish logging into your device.<\/p>\n Work from home, remote work, and hybrid work have changed the threat landscape when protecting University systems and assets. While on-prem systems are typically stored in controlled access environments with security above that of consumer-grade, our new landscape does not reflect this same level of protection. With more individuals spread worldwide, ITS must adapt our security practices to meet these new threats and increase our diligence to protect the campus community.<\/p>\n As the world has shifted to more remote and hybrid work different vulnerabilities and attack vectors have become more prevalent. By requiring Two-Step Verification at desktop logon, we can better protect information that is stored or accessible locally on workstations, better protect network shares and other systems and assets that do not currently support Two-Step Verification before access, assist with protection of sensitive information in the event of lost or stolen devices, and help protect from attacks such as keylogging.<\/p>\n University community members will have an opportunity to select a checkbox during the login process to “Remember” their login, or until an environmental variable change requires a refresh of your credentials. Environmental changes that can impact your ability to be remembered include but are not limited to, joining a different wireless access point such as moving between offices or buildings, joining the VPN, or restarting your device.<\/p>\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n\n Yes, Two-Step fobs will be usable for logging into workstations in a similar fashion as it would be with logging into CAS or other Microsoft services. In the event that you forget your Two-Step authentication devices or if it is lost or stolen, you may call into the ITS Service Desk at 928-523-3335 to request a Two-Step Bypass code to use for the day. This code will allow you to access the workstations as well as other systems protected by Two-Step Verification. On Windows devices, Cisco Duo does not currently support Windows Hello, and you will not be able to utilize facial or fingerprint recognition.<\/p>\n On MacOS devices, Cisco Duo does not support fingerprint recognition on the initial logon of the system but will support subsequent authentications to unlock any existing session.<\/p>\n No, at this time, this change will not impact any servers or non-standard accounts. In the future, we will be evaluating remote and terminal services to determine if it is appropriate and prudent to deploy these same Two-Step Verification requirements to those systems and services. Beginning in late May of 2024, NAU employees (including student employees) and NAU Affiliates (including retirees and emeritus) must enter a three-digit verification code when logging into NAU services requiring Duo Two-Step Verification. Upon login, you’ll see a three-digit code in the Duo login prompt in your web browser and a push notification from Duo on your verified device to enter the code you’re given before allowing access.<\/p>\n Recently, NAU has observed cybercriminals in the higher-education landscape attempting to gain access to users’ accounts through a social engineering technique known as “MFA Fatigue”. This technique involves a malicious entity spamming a user with login attempts and subsequent Duo prompts until a user slips focus on the action and unintentionally approves an unauthorized prompt.<\/p>\n Yes, you can still complete a verification request from your Apple Watch.<\/p>\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n\n These updates will not impact the functionality of ‘Remember me’ when you transition between classrooms. However, you will need to physically carry your phone or Two-Step fob with you every time you visit a classroom.<\/p>\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n\n
\n
\nNAU Computers now requiring Duo authentication for login<\/h5>\n
August 2024<\/h6>\n
\nScroll to<\/a><\/h6>\n<\/div><\/div>\n\n<\/div>\n\n\n
Three-digit code now required for Duo Two-Step Verification<\/h5>\n
May 2024<\/h6>\n
\nScroll to<\/a><\/h6>\n<\/div><\/div>\n\n<\/div>\n<\/div>\n
\nAugust 2024<\/h6>\n
NAU Computers now requiring Duo authentication for login<\/h4>\n
\nWhy is ITS making this change?<\/h5>\n
\nFrequently asked questions & use cases<\/h4>\n\n
Will I need to Two-Step every time I login to my workstation or just the first time I login for the day?\n Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n
Will you still be able to use a Two-Step fob to login if you do not have a mobile device that can support Duo?\n Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n
\n<\/span><\/p>\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n\nWhat should I do if I forget or lose my phone or Two-Step fob?\n Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n
\n<\/span><\/p>\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n\nWill I still need to authenticate with Duo into Outlook, Teams, CAS, and other services? Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n
\n<\/span><\/div>\n
<\/div>\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n\nWill I need to authenticate with Duo if I remote into my workstation? Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n
<\/div>\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n\nWill I still be able to use biometrics to log into my system? Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n
\n
\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n\nHow will this affect students?\u00a0 Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n
<\/div>\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n\nWill this affect servers or non-standard accounts?\n Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n
\n<\/span><\/p>\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n\nWill this impact personal or BYOD devices? Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n
<\/div>\n<\/body><\/html>\n\n <\/div>\n<\/div>\n\n<\/div><\/div>\n
\nMay 2024<\/h6>\n
Three-digit code now required for Duo Two-Step Verification<\/h4>\n
\nWhy is this happening?<\/h5>\n
\nFrequently asked questions & use cases<\/h4>\n
\n\nCan I still complete a verification from my Apple Watch? Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n
I teach in multiple classrooms, what does that mean for me? Accordion Closed<\/span><\/h4>\n <\/span>\n <\/div>\n <\/a>\n