Duo Account Security

Account security has never been more important as an increasing number of businesses and users are targeted by hackers. One can't read the news without seeing another story regarding a company or service being compromised and data being stolen.  

Password management has always been a weak point in systems that rely solely on a knowledge-based authentication factor. As the number of accounts that the average user must maintain has exploded, passwords are reused across multiple systems, making unassociated services vulnerable when a reused password is leaked.

More important, however, is the increasing sophistication of contemporary phishing attacks. These targeted attacks can be difficult for even savvy users to avoid. Passwords are simply no longer reliable as the sole method of authentication to sensitive systems.


What is Duo Account Security?

The UofM Web-SSO system now includes Multi-factor Authentication (MFA) capabilities. This means that users can protect their accounts by requiring a secondary means of authentication in addition to the password. Password-based authentication has become increasingly vulnerable and MFA substantially reduces the threat of unauthorized access to accounts.

The ITS Security team has implemented MFA using a product from Duo Security, which allows users to leverage their phones as a second factor for authentication.  Users can utilize the Duo Mobile application to enroll their smartphone or tablet to receive online push notifications, or generate a one-time password.  Users can also enroll an SMS number to receive notifications via text message, or enroll a phone number to receive a phone call, depending on their preference.


Am I required to enroll in Duo Account Security?

ITS Security has made Duo Account Security available to all users on campus who wish to opt-in to use the service.  All users are strongly encouraged to utilize the service to increase the security of their account.  Unless otherwise noted below, users are not required to enroll in the service. 

As of August 2016, all ITS staff are required to utilize Duo Account Security to protect their accounts.


How do I enroll in Duo Account Security?

The UofM's self-enrollment process on iAM makes it easy to register your device and install the mobile app (if necessary). Login to https://iam.memphis.edu/duo to begin. You will be guided through the process of registering your device(s). Once you have enabled Duo, you will be prompted to authenticate with your second factor the next time you log in to any SSO-protected web resource.

It is strongly recommended that you have more than one device registered in case there is an issue with your primary device.


Where can I get help with Duo Account Security?

Full documentation for the Duo Account Security service can be found here.  For further assistance, please contact the ITS Service Desk at 901-678-8888.


How can I give feedback on the Duo Account Security service?

The ITS Security team would appreciate any feedback that you might have regarding your experience using Duo or registering devices within iAM. Suggestions for improving the service can be submitted via the ITS Suggestion Box: http://www.memphis.edu/its/about/its-suggestion-box.php.