How do I add a new device or manage an existing one?

1. Log in to MyMadison.jmu.edu with your eID, password and current Duo device
2. Click on the MyAccounts tab, then click on the Duo icon
3. Authenticate again with your current Duo device
4. Click + Add another device, located beneath your current device
5. Follow the steps to enroll your new device
6. Sign out of MyMadison, then log back in to test logging in with the new device

What if I get a new phone? Chose the appropriate option below:

Option 1: Does your new cell phone have the same phone number as your old phone?

You should be able to receive SMS text messages (passcodes) sent from Duo via the Duo Authentication window:

1. Open a web browser mymadison.jmu.edu
2. Log in with your eID and password to the Duo Authentication page
3. Click Cancel
4. Select Enter a Passcode
5. Click Text me new codes in the blue banner on the bottom of the text box
6. Open the text message sent to your phone
7. Use a text code to enter in the Passcode box log in to MyMadison (note: each code can only be used once)
8. Click the MyAccounts tab in MyMadison and click the Duo Logo
9. Type a different text code in the Passcode box and click Log In
10. Click Device options for your phone on the My Settings and Devices Screen
11. Click Reactivate Duo Mobile
12. Select the Type of phone and click Continue
13. Install Duo Mobile on your new phone
14. Click I have Duo Mobile Installed, then click Next
15. Scan the QR barcode with the Duo Mobile app on your phone, by following the instructions on the Duo screen (or request an email)
16. Click Continue
17. Click Sign out to log out of MyMadison then log back in to test Duo on your new phone

Option 2: Do you have an alternative device enrolled with Duo?

If you have a hardware token, tablet, or secondary mobile phone enrolled in Duo: 

1. Log in to MyMadison with your eID and password
2. Use your alternate device to complete Duo authentication
3. Click the “My Accounts” tab in MyMadison, and click the “Duo” logo
4. Use your alternate device to complete Duo authentication again
5. Click “Add another device” and follow the instructions on the screen
6. After answering some questions about your device, you'll receive a new QR code to scan with your phone which will complete the Duo Mobile activation process

Option 3: Still cannot enroll a new cell phone?

Come to the IT Help Desk on the 4th floor of the Student Success Center with:

1. A photo ID
2. All of your Duo enabled devices (new cell phone, old cell phone and/or other devices)

Does JMU provide any 2FA devices?
We encourage you to enroll one or more of your personal mobile devices (cell phone or tablet) so that you have the most seamless and user-friendly experience using Duo. However, faculty and staff can go to the IT Help Desk, located at the 4^th floor of the Student Success Center to get a JMU-owned hardware token to use with Duo. The employee must bring a valid photo ID, which can be a JACard, Driver’s License, Passport, or other government-issued photo ID. Hardware tokens are also available to students through the JMU Bookstore.

What is a hardware token?
Hardware tokens are small, physical devices that generate passcodes when a button or sensor is pressed. When enrolled to your Duo account, these passcodes can be used to authenticate to Duo.

Why do I need to use 2FA?
Usernames are generally available and passwords can be stolen or cracked.  But hackers generally don’t have access to the devices used for secondary identity verification. So 2FA provides an additional security barrier against phishers, hackers and social engineers hoping to gain access to JMU resources including those that contain sensitive personal data, work files and intellectual property.

Am I required to use 2FA?
Yes, unless you are a student applicant.  Everyone else with an active JMU eID is required to use Duo.

What if I travel and don’t have cell phone coverage?
You can still use your Duo Mobile app to provide one-time passcodes that can serve as your 2FA login. The app will provide a new passcode every time you need to log in.

How Can I Authenticate Without Internet, network, or cellular service?
It is possible to authenticate without Internet or cellular connectivity, but it requires that you set up certain features beforehand:

• The Duo Mobile app can generate passcodes without any sort of connectivity once it has been installed. It will also work if your device is in airplane mode.
• Save or write down a batch of 10 SMS passcodes you receive while in an area of Internet or cellular connectivity. These passcodes will remain valid for 5 days.
• Use a hardware token that is already enrolled to your account.

Does Duo see my password? 
No. Your eID and password are verified with JMU’s internal systems only. Duo only interacts with your second factor to verify your identity.

What devices can I use?
For a list of devices and related methods of 2FA authentication refer to the table in the link below. JMU IT encourages registering at least two devices, including at least one smartphone.

Table of Device Authentication Types

For a list of supported devices, see the Duo User Guide.

How many devices can I add?
There is no limit to the number of devices you can add. JMU IT recommends that you enroll at least two devices—a primary one (usually your smartphone) and a secondary device to be used if your primary device is unavailable. To decide how many/which devices to enroll with Duo 2FA, think about your day-to-day usage patterns as well as less-frequent or emergency cases such as travel, loss of your primary device, etc.

Do I need to have a smartphone to use Duo 2FA?
Using the Duo Mobile app on a smartphone to receive “push” notifications or generate passcodes is the most flexible and convenient option for most people. However, there are other options (SMS text message or hardware token) that do not require use of a smartphone.

What if I forget my smartphone at home?
You will need to use a secondary device to provide a 2FA response. The Information Technology Help Desk can provide assistance on using a secondary device, but without access to an enrolled 2FA device, you will not be able to log in.

What happens if I lose my phone?
You can use a secondary device to log in to MyMadison. Go to the MyAccounts tab and use the Duo “My Settings & Devices” panel to delete your lost phone. If you aren't able to log in using Duo, visit/contact the Information Technology Help Desk to remove the missing phone and help you log in using another method.

Does it cost me money to authenticate with my phone?
Usually not, but it depends on the method of authentication you are using and the specifics of your phone plan. Individuals are responsible for any charges for text or data on their individual phones.

Will I be reimbursed for Duo-related charges?
It is possible to accrue charges from using Duo in the following methods:

• "Push" notifications with the Duo Mobile app uses a few KB of Internet data traffic.
• SMS text messages are billed by your carrier according to your normal service plan.
• International fees are billed by your carrier according to your normal service plan.

JMU is not responsible for the reimbursement of any expense incurred through use of Duo. If you will incur significant expenses using Duo with a device, it is recommended that you enroll a different device that will not incur such expenses.

What if I don’t have a data plan on my phone?
Enroll your phone to receive SMS text messages that do not require a data plan. Keep in mind that your carrier may charge you for receiving SMS text messages.

Why can’t I set a token as my default authentication factor?
The option to set a device as the default for Duo is only available for devices that can receive an automatic authentication prompt (Duo Push).

What services are protected by Duo?
Here is a list of services protected by Duo. New services are being added regularly.