UH Login Multi-Factor Authentication (MFA) - Which authentication method should I use?

For more information about UH Login and Multi-Factor Authentication (MFA), go to https://www.hawaii.edu/its/uhlogin.

UH Login supports the following MFA methods:

  • Duo Push, using the Duo Mobile app on a mobile device (smartphone or tablet)
  • Duo Passcode, using the Duo Mobile app on a mobile device (smartphone or tablet)
  • Phone Call, using either a mobile phone or landline
  • SMS Passcode, using a mobile phone that supports SMS (text messaging)
  • Yubikey Hard Token, which is inserted into your computer's USB port

Review the following table for more information on the requirements for each method, and whether or not the method can be used when completely offline (no internet or telephone service).

  Requires a Smartphone (Duo Mobile App) Requires Internet Access (Mobile Data or WiFi) Requires Telephony (Mobile Network or Landline) Can be used offline
Duo Passcode YES NO NO YES
Phone Call NO NO YES NO
Yubikey Hard Token NO NO NO YES

Duo Push via the Duo Mobile App

If you have a supported mobile device, Duo Push is the recommended method. As long as your mobile device has mobile network or wi-fi service, authentication requests can be pushed to your device via the Duo Mobile app. You can download the Duo Mobile app to an iOS or Android device that meets the minimum requirements.

iOS Please see https://guide.duo.com/iphone for the supported version of iOS
Android Please see https://guide.duo.com/android for the supported version of Android

Once you have downloaded the Duo Mobile app and registered your mobile device, authentication requests will be "pushed" to your device through the Duo Mobile app. You would then open the Duo Mobile app and tap on "Approve" or "Deny" to approve or deny the authentication request.

Duo Passcode via the Duo Mobile App

The Duo Mobile app can be used to generate a passcode that can be used to login. Passcodes can be generated without requiring internet access, and can be used even if your mobile device is in airplane mode or otherwise not connected to a WiFi or mobile network with internet access. This is a great option to use when traveling or when in areas where access to the internet might not be guaranteed.

Phone Call

You can opt to authenticate via a phone call to a landline or mobile phone. When it's time to authenticate, you will receive a call on your registered phone number. You would then push "1" on your phone's keypad to authenticate, or push "9" to deny the authentication request.

Regarding phone numbers beginning with "+86"

Due to recent telephony restrictions by the Chinese government, Duo was previously unable to authenticate via phone call to users with +86 phone numbers. Users with a +86 phone number registered in Duo, would have seen the following notice:


As of May 10, 2019, Duo has resolved the issue and phone call authentication to +86 numbers are no longer being blocked. For more information, please refer to the following Duo knowledgebase article:


SMS Passcode

If you do not have a smartphone, but you have a mobile phone with SMS/text messaging capabilities, you can use an SMS passcode to authenticate. When requested, one (1) passcode will be sent to your phone as a text (SMS) message. Once an SMS passcode is received, the passcode can be saved and used even if your mobile device is no longer connected to a mobile network.

Yubikey Hard Token

A hard token (sometimes called an authentication or security token) is a hardware security device that is used to authorize a user. UH provides Yubikey hard tokens for purchase. The UH hard token is a usb device and must be inserted into your usb port to be used. You would then touch the hard token anytime you wanted to authenticate. If you do not have an available usb port, you cannot authenticate with the UH hard token. Hard tokens are not recommended and should be purchased only if you cannot use any of the other above means for authenticating.

For information on purchasing a UH hard token, please visit https://www.hawaii.edu/sitelic/tokens/

This article is part of the Getting setup for Multi-Factor Authentication (MFA) article.
Please rate the quality of this answer: Poor Fair Okay Good Excellent
Not the answer you were looking for? Try different keyword combinations and if you still can’t find your answer, please contact us.
Article ID: 1679
Created: Thu, 14 Jan 2016 2:04pm
Modified: Tue, 02 Jan 2024 1:04pm