Two Step Authentication

INSTRUCTIONS FOR SETTING UP DUO APP

Two Step Authentication at BGSU

The BGSU Two Step Authentication feature offers users a more secure method for accessing important university data. In order to access data protected by Two Step Authentication, users must clearly identify themselves using two different methods of identification - their BGSU password and another component. The purpose of using two methods of identification is to better protect your data and works under the premise that an unauthorized user is unlikely to be able to supply both required methods of identification.

Security breaches at BGSU can, have, and will happen, this cannot always be prevented. This is why the university has elected to place Two Step Authentication in front of many of its most important services. Please review this page for more information on BGSU Two Step Authentication and how it affects you.

BGSU uses the Duo security access product to provide users with secure access to sensitive data. Enrollment in Duo offers a simple and quick method for implementing Two Step Authentication at the University. Information Technology Services (ITS) recommends the Duo App as the preferred verification option because it is the fastest and most effective way to access protected services using Two Step Authentication.

After enrolling in Duo, users will be required to authenticate every time they login to a protected service. Once logged in to the MyBGSU portal, users will stay logged in until the session times out after 30 minutes, or until they close out the portal (whichever comes first).

For assistance using Duo, please contact the Technology Support Center.

For additional information on Duo Two Step Authentication please review our Knowledge Base.

New! Remember Me for 30 Days Feature

BGSU account holders now have the option to have Duo Two Step Authentication remember their credentials when logging in to the MyBGSU portal for 30 days! This new feature will appear as a checkbox when the user first attempts to access the portal. Selecting this option will allow the user to bypass the two-step login for the next 30 days. When the 30 days have expired, the user will once again be prompted to authenticate using Duo, and from there, they may select this option again. There is no limit to the number of times you can select this option. Please note:

  • The "Remember Me" feature is browser-specific. If you select this option while using Chrome, and attempt to access the portal using Internet Explorer, Firefox, etc., you will still need to authenticate using Duo Two Step Authentication.
  • The "Remember Me" feature is device-specific. If you select this option while using your mobile phone to access a protected service, and then attempt to access the same service using your lapop, you will still need to authenticate using Duo Two Step Authentication.
  • The "Remember Me" feature is also service-specific. Choosing this option for MyBGSU portal login will not carry over to allow the user to bypass authentication for other protected services.

To have the Duo Two Step Authentication system remember you for 30 days, just check the box on the Duo screen that says "Remember me for 30 Days." You will need to check this box once per browser, per device, and you will need to check the box again if you clear your cache or history. 

If you use the automatic push on Duo, things might get a bit tricky. Here is a quick video to show the process with automatic push.

Duo 30 Day Known Issue Tutorial

What can I use to authenticate?

What's Protected?

Beginning March 15, 2017, Information Technology Services (ITS) will add Two Step Authentication protection in front of the MyBGSU portal. This will require all users to authenticate using the Duo software every time they login to the portal. The implementation of full-portal Two Step Authentication coverage is considered the next step at increasing account security following the recent March 1 password reset initiative.  

Two Step Authentication was first introduced to campus in June of 2016 and included protection of the following portal services:

  • Payroll Direct Deposit Self-Service
  • Student Account e-Refund  Self-Service (BGSU Refund)
  • W2 Access
  • 1098-T Access
  • Optional full-portal coverage

As of May 26, 2016, all BGSU MyVPN users have been transitioned to the Two Step Authentication protected instance of MyVPN. For more information on BGSU VPN, click here.
 

BGSU account holders now have the ability to "opt-in" to Duo Two Step Authenticaiton protection for email!

Various levels of protection are available for those interested in adding an extra layer of security to their BGSU email access. For more information regarding these levels, and to opt in, login to the MyBGSU portal and select Help Desk from the orange bar at the top of the screen. Next, click on Two Step Authentication from the left navigation menu to review the available options. Please be sure to review the requirements prior to opting in to a new level.

We are currently investigating the need for placing Two Step Authentication protection in front of  Canvas. You can currently access Canvas at http://canvas.bgsu.edu to bypass Two Step Authentication.