Log In Using Two-Step Login
How to use Duo Push, a phone call, or a USB security key with Two-Step Login, plus “Trust this browser.”
This article applies to: Two-Step Login
To improve data security, Cornell has disabled Duo Mobile Passcodes. Plan to use one of the remaining authentication methods going forward.
When you log in to a Cornell service that requires Two-Step Login, an authentication method will be triggered, allowing you to confirm your identity.
-
The Duo prompt will appear, usually triggering the authentication method you most recently used.
For example, the prompt screen for a Duo Push authentication looks like this:
To authenticate your login, respond as appropriate. Preferred methods include:- Duo push (tap Approve on the Duo mobile app)
- Duo "Call me" (respond to a mobile or landline telephone callback)
- USB security key (press a button on a USB device)
- Touch ID (use the macOS Touch ID)
While waiting for you to complete authentication, the Universal prompt will display one of the following screens:
Additionally, the following passcode alternatives continue to be available:
- Duo hardware token (use a passcode provided by a small electronic device)
- Duo SMS passcodes (use a passcode sent by SMS message)
-
If you would like to use a different authentication method than the one shown on the current Duo prompt, click Other options.
This opens a list of other available options. (Which options are shown depends on the device you have enrolled.)
(For some campus IT services that don't support a web interface, you may have to log in using append mode authentication, or using a second password field.)
- If you check Trust browser, Duo will remember your login on the current device and browser session for up to 24 hours.
Comments?