Log In Using Two-Step Login
How to use Duo Push, a phone call, or a USB security key with Two-Step Login, plus “Trust this browser.”
This article applies to: Two-Step Login
To improve data security, Cornell has disabled Duo Mobile Passcodes. Plan to use one of the remaining authentication methods going forward.
When you log in to a Cornell service that requires Two-Step Login, an authentication method will be triggered, allowing you to confirm your identity.
The Duo prompt will appear, usually triggering the authentication method you most recently used.
For example, the prompt screen for a Duo Push authentication looks like this:
To authenticate your login, respond as appropriate. Preferred methods include:
- Duo push (tap Approve on the Duo mobile app)
- Duo "Call me" (respond to a mobile or landline telephone callback)
- USB security key (press a button on a USB device)
- Touch ID (use the macOS Touch ID)
While waiting for you to complete authentication, the Universal prompt will display one of the following screens:
Additionally, the following passcode alternatives continue to be available:
- Duo hardware token (use a passcode provided by a small electronic device)
- Duo SMS passcodes (use a passcode sent by SMS message)
If you would like to use a different authentication method than the one shown on the current Duo prompt, click Other options.
This opens a list of other available options. (Which options are shown depends on the device you have enrolled.)
(For some campus IT services that don't support a web interface, you may have to log in using append mode authentication, or using a second password field.)
- If you check Trust browser, Duo will remember your login on the current device and browser session for up to 24 hours.