UH Login Multi-Factor Authentication (MFA) - Which authentication method should I use?
For more information about UH Login and Multi-Factor Authentication (MFA), go to www.hawaii.edu/its/uhlogin.
UH Login supports the following MFA methods:
- Duo Push, using a mobile device (smartphone or tablet)
- Phone call, using either a mobile phone or landline
- SMS passcodes, using a mobile phone that supports SMS (text messaging)
- Yubikey hard token, which is inserted into your computer's USB port
If you have a supported mobile device, Duo Push is the recommended method. As long as your mobile device has mobile network or wi-fi service, authentication requests can be pushed to your device via the Duo Mobile app. You can download the Duo Mobile app to an iOS, Android, or Windows Phone device that meets the minimum requirements.
|iOS||Please see https://guide.duo.com/iphone for the supported version of iOS|
|Android||Please see https://guide.duo.com/android for the supported version of Android|
|Windows Phone||Please see https://guide.duo.com/windows-phone for the supported version of Windows Phone|
Once you have downloaded the Duo Mobile app and registered your mobile device, authentication requests will be "pushed" to your device through the Duo Mobile app. You would then open the Duo Mobile app and tap on "Approve" or "Deny" to approve or deny the authentication request.
If you are in a location without mobile network or wi-fi service, the Duo Mobile app can also generate a "smart code" that can be used to login.
You can opt to authenticate via a phone call to a landline or mobile phone. When it's time to authenticate, you will receive a call on your registered phone number. You would then push "1" on your phone's keypad to authenticate, or push "9" to deny the authentication request.
Regarding phone numbers beginning with "+86"
ITS has been informed by Duo that due to recent telephony restrictions by the Chinese government, Duo is no longer able to authenticate by phone calls to users with +86 numbers. If you have a +86 phone number registered in Duo, you will see the following notice:
Other methods, such as Duo Push, SMS passcodes, or hard tokens will still work. For more information, please refer to the following Duo knowledgebase article:
If you do not have a smartphone, but you have a mobile phone with text messaging capabilities, you can use SMS passcodes to authenticate. A sequence of 10 passcodes will be sent as a text (SMS) message to your phone. Each time you authenticate, you would use the next passcode in the sequence. After you've used all 10 passcodes, you can request a new set of 10 passcodes. You can also request a new set of 10 passcodes at any time, even before using all 10 passcodes. You can use the next valid passcode to authenticate even if you do not have mobile network or wi-fi service.
Yubikey Hard Token
A hard token (sometimes called an authentication or security token) is a hardware security device that is used to authorize a user. UH provides Yubikey hard tokens for purchase. The UH hard token is a usb device and must be inserted into your usb port to be used. You would then touch the hard token anytime you wanted to authenticate. If you do not have an available usb port, you cannot authenticate with the UH hard token. Hard tokens are not recommended and should be purchased only if you cannot use any of the other above means for authenticating.
For information on purchasing a UH hard token, please visit https://www.hawaii.edu/sitelic/tokens/