Two Factor Authentication

Instructions for Setting Up Duo App

Two Factor Authentication at BGSU

The BGSU Two Factor Authentication feature offers users a more secure method for accessing important university data. In order to access data protected by Two Factor Authentication, users must clearly identify themselves using two different methods of identification - their BGSU password and another component. The purpose of using two methods of identification is to better protect your data and works under the premise that an unauthorized user is unlikely to be able to supply both required methods of identification.

Security breaches at BGSU can, have, and will happen, this cannot always be prevented. This is why the University has elected to place Two Factor Authentication in front of many of its most important services. Please review this page for more information on BGSU Two Factor Authentication and how it affects you.

BGSU uses the Duo security access product to provide users with secure access to sensitive data. Enrollment in Duo offers a simple and quick method for implementing Two Factor Authentication at the University. Information Technology Services (ITS) recommends the Duo App as the preferred verification option because it is the fastest and most effective way to access protected services using Two Factor Authentication.

After enrolling in Duo, users will be required to authenticate every time they login to a protected service. Once logged in to the MyBGSU portal, users will stay logged in until the session times out after 30 minutes, or until they close out the portal (whichever comes first).

For assistance using Duo, please contact the ITS service desk.

For additional information on Duo Two Factor Authentication please review our Knowledge Base.

Remember Me for 30 Days Feature

BGSU account holders have the option to have Duo Two Factor Authentication remember their credentials when logging in to some protected services for 30 days. This feature appears as a checkbox when the user first attempts to access the the service. Selecting this option will allow the user to bypass the two factor login for the next 30 days. When the 30 days have expired, the user will once again be prompted to authenticate using Duo, and from there, they may select this option again. There is no limit to the number of times you can select this option. Please note:

  • The "Remember Me" feature is browser-specific. If you select this option while using Chrome, and attempt to access the portal using a different browser, such as Firefox, you will still need to authenticate using Duo Two Factor Authentication.
  • The "Remember Me" feature is device-specific. If you select this option while using your mobile phone to access a protected service, and then attempt to access the same service using your laptop, you will still need to authenticate using Duo Two Factor Authentication.
  • The "Remember Me" feature is also service-specific. Choosing this option for MyBGSU portal login will not carry over to allow the user to bypass authentication for other protected services.

To have the Duo Two Factor Authentication system remember you for 30 days, just check the box on the Duo screen that says "Remember me for 30 Days." You will need to check this box once per browser, per device, per service and you will need to check the box again if you clear your cache or history. 

What can I use to authenticate?

**Please do not approve Duo authentication requests if you have not attempted to log in to a protected service. For more information review this article** 

What's Protected?

On March 15, 2017, ITS added Two Factor Authentication protection to the MyBGSU portal. This change requires users to authenticate using the Duo software when they login to the portal.    

As of May 26, 2016, all BGSU VPN users have been transitioned to the Two Factor Authentication protected instance of VPN. More information on BGSU VPN.

As of August 1, 2019 Duo Two Factor Authentication protection for email is mandatory for all BGSU faculty, staff, affiliated partners and graduate assistants.

As of October 8, 2020 Duo Two Factor Authentication protection for email is mandatory for all BGSU students.

As of February 2022, Duo Two Factor Authentication protection for email is mandatory for all account holders. 

Effective Thursday, May 4, 2023, users accessing Canvas from off-campus locations will be required to authenticate via Duo Two Factor Authentication. Security breaches at BGSU can, have and will happen; this cannot always be prevented. Adding Duo protection to Canvas is another way to provide increased account security and protect your personal data. 

As of March 29, 2023, all new BGSU applications using single sign-on (SSO) will require Duo Two Factor Authentication unless a technical exception is approved by ITS Security. ITS will also be working to add Duo to existing BGSU apps using SSO over the coming months. A list of additional applications requiring Duo will be maintained below. 

Applications Requiring Duo
  • AcademicWorks
  • BG1 Card Services eAccount App
  • BGlinux
  • Bridge Training Portal
  • Curriculog
  • Handshake
  • Starship Ordering App

For more information on BGSU Multi-Factor Authentication (MFA) Standards please view this webpage.   

Updated: 09/28/2023 10:20AM