Improvements coming to USC multifactor authentication services
Division of IT is fully transitioning to Duo Verified Push, hardware-based options
Posted on: September 3, 2024; Updated on: September 3, 2024
By Collyn Taylor, collyntaylor@sc.edu, 803-777-3691
Changes are coming to the way the USC community logs in to Microsoft applications and university systems.
The Division of Information Technology is upgrading its multifactor authentication services and will not offer phone-based options like calling or texting moving forward.
Options like call and text are the easiest to access by hackers or people trying to steal the data of students, faculty and staff. Removing those options allows the Division of IT to better protect that data.
The Division of IT will transition to Duo Verified Push for multifactor authentication while also introducing hardware-based authentication options.
There are now a few ways you’ll be able to authenticate beginning Oct. 17:
- Duo Verified Push: Done through the Duo Mobile app available on the app store and Google Play. The app will send you a push notification and users will complete a number-matching prompt to finish authenticating.
- Hardware-based authentication: This will allow users to authenticate via Apple Touch ID, Microsoft Hello or Apple/Android biometrics. Users can also use hardware like YubiKeys to authenticate.
The security of users is USC's top priority, and these upgrades are the next step to modernize and better protect the data of the Gamecock community.
There have also been upgrades to the user interface this semester with the login screen showing you multiple ways to authenticate, ordered by the most secure to the least. To register for Duo authentication, there are a few key steps:
- Go to your account on my.sc.edu.
- Navigate to the Update Account Settings page and sign-in with your university username and password.
- Answer your security question.
- Navigate to multi-factor and then to duo device management.
Some important information registering your device:
- If this is your first time using Duo at USC you will go through the device registration process.
- If you have registered devices, follow the prompts to manage your devices and explore MFA options.
- You may have to login and authenticate via a mobile device before logging onto a laptop or computer.
Users who want to use a security key instead of a mobile device, make sure it’s FIDO2 compatible. YubiKeys are available for purchase directly from Yubico or from Amazon.
For those using a key, the Division of IT recommends registering two keys and keeping one as a backup.
The upgrades will go into effect Oct. 17, and you simply must follow the login prompts after the upgrade. If you need to add a new device, go to myaccount.sc.edu to update your university account multifactor settings.
Users should expect to be logged out of Microsoft desktop and mobile applications like Outlook and Teams along with some USC systems like Blackboard and PeopleSoft. Some users may have to log in several times.
More information on how to configure Duo Multifactor Authentication options can be found in the Division of IT's Knowledge Base article.