Versions Compared

Version Old Version 67 New Version 68
Changes made by

Joshua Drummond

Joshua Drummond

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

 Software TokenHardware Token
Pros
  • Free
  • Supports Duo Passcode (no WiFi or data connection needed)
  • Supports Duo Push (requires a WiFi or cellular data connection but doesn't use much data)
  • Duo Push can be used more often than once per 60 seconds
  • Duo Push doesn't require you to type a Passcode, but instead just tap to approve a request
  • Less likely to get damaged or lost
  • DonDoesn't need a compatible mobile device
  • Supports Duo Passcode (no WiFi or data connection needed)
Cons
  • Requires compatible mobile device (app requires minimal permissions and space)
  • Not Free (~$24/each)
  • Doesn't support Duo Push
  • More likely to get damaged or lost
  • Sometimes needs to be resynced with the server
  • Duo Passcode can only be used once per 60 seconds

...

If you still have the old phonedevice, you can go to https://applications.oit.uci.edu/DuoSupportDesk/enrollment.htm and click on the manage software tokens link to add enroll the new phone device and delete the old one.  Otherwise contact the OIT Help Desk and ask them to delete your the old phonedevice, then you can go to the enrollment page and register the new phone device by following the "Software Token Setup" steps above.

...

  1. When you get redirected to WebAuth from a web application that is enforcing multi-factor authentication, you will first see a WebAuth login page. Login with your UCInetID and Password.


  2. After successful login using first factor, you will be presented with the second factor login. You will have an option to choose your type of phone device and either Duo Push or to enter in a Passcode. The example that is shown uses "Android" as a device.  If you choose to select Duo Push, then press the "Log in" button.  Otherwise you can select "Passcode" and enter the passcode that is currently being displayed on your hardware token or mobile app, then press the "Log in" button.
  3. Once you enter the correct passcode, or approve the push request, the WebAuth page will redirect you back to the application you came from successfully authenticated.

Windows RDP/Console

Note: This is a preview of what it may look like, contact your system administrator about the current status of your systems.

...

  1. Start the AnyConnect client, type in the address of the multi-factor enabled VPN server you want to connect to, and click Connect. 
  2. On the next screen, choose the tunnel group from the Group dropdown that you need to connect to.  Enter your username and both first and second factor authentication in the same window.  The first factor is your UCInet password.  The second factor is your Duo Passcode (or you can type "push" if you have a Duo software token).
  3. Once you enter the correct credentials, or approve the push request, you will have successfully authenticated into the VPN.

...