Versions Compared

Version Old Version 87 New Version Current
Changes made by

Jacklyn Truong

Joshua Drummond

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Enrollment is open to all Employee and Guest type UCInet affiliations.  You will need to choose between using a Software Token or Hardware Token.  The Software Token is a free app that you install on your phone/tablet, the preferred method if you have a supported mobile device (Android, iOS, BlackBerry, Windows Phone).  The hardware token is a small physical device to carry with you on a keychain, contact your local computer support to purchase hardware tokens through OIT.  Some pro's and con's of each below:

 Software TokenHardware Token
Pros
  • Free
  • Supports Duo Passcode (no WiFi or data connection needed)
  • Supports Duo Push (requires a WiFi or cellular data connection but doesn't use much data)Duo Push can be used more often than once per 60 seconds
  • Duo Push doesn't require you to type a Passcode, but instead just tap to approve a request
  • Duo Push can be used more often than once per 60 seconds
  • Less likely to get damaged or lost
  • Doesn't need a compatible mobile device
  • Supports Duo Passcode (no WiFi or data connection needed)
Cons
  • Requires compatible mobile device (app requires minimal permissions and space)
  • Not Free (~$24/each)
  • Doesn't support Duo Push
  • More likely to get damaged or lost
  • Sometimes needs to be resynced with the server (need to contact HelpDesk)
  • Duo Passcode can only be used once per 60 seconds

Initial Token Setup Instructions

...

  • Needs to be replaced every couple of years as the internal battery runs out

Initial Token Setup Instructions

Software Token Setup

  1. With your compatible mobile device in hand, on a computer go to https://applications.oit.uci.edu/DuoSupportDesk/enrollment.htm
  2. Read the policy agreement and under Under Add Software Token click on "Software Token Registration"
  3. Follow After reading the policy agreement, follow the steps to enter information, download the compatible app, and finally register your phone or tablet with your account.
  4. You can then test it by going to the Duo-protected test webpage below.

...

  1. With your hardware token in hand, on a computer go to https://applications.oit.uci.edu/DuoSupportDesk/enrollment.htm

 

 

Testing Your Token

  1. Under "Add YubiKey Hardware Token" click on "YubiKey Hardware Token Registration".
    1. Image Added
  2. After reading the policy agreement, enter the YubiKey's serial number, private identity, and secret key and click "Register".
    1. Image Added
  3. You can then test it by going to the Duo-protected test webpage below.

 

 

Testing Your Token

  1. The following Duo-protected webpage can be used to verify your token is working: https://applications.oit.uci.edu/DuoSupportDesk/testToken.htm . You can also visit the DuoSupportDesk home page and click "Test Token" found on the navigation bar.
  2. Image Removed
  3. Image Removed
    4. Image Removedhtm . You can also visit the DuoSupportDesk home page and click "Test Token" found on the navigation bar.
    1. Image Added
    2. Image Added
    3. Image Added

Removing Your Token

  1. To remove your software or hardware token, go to  https://applications.oit.uci.edu/DuoSupportDesk/enrollment.htm
  2. Under "Remove Token" click on "Remove Registration".
    1. Image Added
  3. Authenticate
    1. Image Added
  4. Click "My Settings & Devices" first and enter a passcode/push to verify authentication
    1. Image Added
  5. Click "Device Options" for the device you want to remove
    1. Image Added
  6. Click the trash can icon and then click "Remove" (you can't remove a device if it is your only one)
    1. Image Added
    2. Image Added
  7. Your token is now successfully removed. It can be re-registered to any account.
    1. Image Added

 

Emergency Backup Codes

  1. To generate emergency backup codes, go to https://applications.oit.uci.edu/DuoSupportDesk/enrollment.htm
  2. Under "Emergency Backup Codes" click on "Generate Emergency Backup Codes".
    1. Image Added
  3. After reading the disclaimers, click "Generate".
    1. Image Added
  4. Securely store your backup codes for use when your software or hardware tokens are unavailable.
    1. Image Added

 

 

New Phone / Software Token Replacement

...

  1. When you get redirected to WebAuth from a web application that is enforcing multi-factor authentication, you will first see a WebAuth login page. Login with your UCInetID and Password.
    Image RemovedImage Added

  2. After successful login using first factor, you will be presented with the second factor login. You will have an option to choose your type of phone device and either Duo Push or to enter in a Passcode. The example that is shown uses "Android" as a device.  If you choose to select Duo Push, then press the "Log in" button.  Otherwise you can select "Passcode" and enter the passcode that is currently being displayed on your hardware token or mobile app, then press the "Log in" button.
    Image RemovedImage Added
  3. Once you enter the correct passcode, or approve the push request, the WebAuth page will redirect you back to the application you came from successfully authenticated.

...