In an ongoing attempt to protect the Haverford community and their data IITS is implementing Duo, a multi-factor authentication solution. Once enrolled in Duo, users logging into resources that authenticate with the red Haverford login screen, such as Workday, Gmail, and Moodle, as well as BiONiC will be required to provide a second factor of authentication.
This factor can be a notification to an app on a registered cell phone, phone call or text message to a registered cell phone, phone call to a registered landline, or a number created by a hardware code generator (available for departmental purchase).
Duo will protect our users from attacks such as elaborate phishing emails as even if a Haverford password is compromised, Duo will prevent the bad actor from completing the login without a second factor of authentication.
Duo provides several options for authentication. IITS recommends using the Duo Mobile app on a smartphone.
How does Duo handle phone numbers?
Once a phone number has been added to Duo Mobile, it does NOT need to be added again when it is migrated to a new device.
Note: For best results, please use a computer and NOT a phone when proceeding through the steps below.
To Note: If you are having any trouble with the seeing your phone in point #4, try from a completely different browser, a private/incognito window, or do a cache refresh of the page by Windows: CTRL+F5 or Mac: Cmd and Shift and then press R.
1 - Sign into https://accounts.haverford.edu with your Haverford username and password.
2 - When logging in, at the Duo prompt click on Other Options and choose text or call.


3 - Once logged in, click on My Security.
4 - Click on the three dots to the top-right of your phone.

5 - Follow through the prompts to get a QR code which you can add via the Duo mobile app, or get an activation link via your email we have on file. Here are the prompt windows you will see as you go through.



Note: For best results, please use a computer and NOT a phone when proceeding through the steps below.
To Note: If you are having any trouble with adding a device in point #4, try from a completely different browser, a private/incognito window, or do a cache refresh of the page by Windows: CTRL+F5 or Mac: Cmd and Shift and then press R.
1 - Sign into hhttps://accounts.haverford.edu with your Haverford username and password.
2 - When logging in, with your original number for Duo, at the Duo prompt click on Other Options and choose text or call.


3 - Once logged in, click on My Security.
4 - Click on the Add a device 'plus sign' box and follow through to add a new phone number.

Password Policy Change
We are pleased to announce that in conjunction with the Duo implementation, as of February 2019 the College’s password policy will be updated to reflect the most current national and international best practices: we will no longer require community members to reset their passwords every six months. Instead, we will opt for longer passphrases that do not need to be changed on a regular cycle.
FAQ
Do I need to download the Duo Mobile app on my smartphone?
No. You can still use your mobile phone as a second factor of authentication without downloading the app, although it is the easiest method.
In order to accomplish this, choose “Mobile Phone” in the setup, enter your mobile phone number, and select “Other Phone” as the next option. This will still allow you to receive phone calls and text messages without the app.
In order to receive a text message, select the “Enter Bypass Code” option and then select “Text Me New Code.
What if I do not have a cell phone?
Hardware code generators can be used as a second factor of authentication.
The hardware code generator is a small device that provides a number when a button on the device is pushed that will satisfy the required two factor authentication.
These can be requested from the IT Service Desk. They should only be used if you do not have a cell phone capable of using the Duo App.
What if I don’t have my cell phone and get locked out of my account because I cannot login with Duo?
The IITS Service Desk can generate a limited use code for you to use until you can gain access to your Duo registered device.
IITS recommends a minimum of two devices registered in Duo to avoid lockouts.
Can I opt out of Duo?
IITS is committed to protecting both the data of our users and the data of the College. At this time, anyone who accesses Haverford resources is not permitted to opt-out of using Duo.
What if I don’t have cell phone service or wireless service, how can I use Duo on my cell phone?
The Duo Mobile app can generate a usable code without any connection to cellular or wireless networks. Simply open the app, generate the code, and enter it in the Duo login screen.
Another option would be for a hardware code generator, available for purchase through your department. Please seek approval from your departmental budget manager and submit a ticket through the IITS Service Desk to purchase this device.
What Haverford resources will require me to use Duo?
Any service that uses the red login screen will prompt for a second-factor of authentication via Duo after a Haverford username and password has been entered. This includes Workday, Gmail, and Moodle to name a few.
Duo also protects BiONiC.
What if I’m having issues with Duo on my smartphone?
Please contact the IITS Service Desk for assistance or view the links below.
iOS Troubleshooting: https://help.duo.com/s/article/2051
Android Troubleshooting: https://help.duo.com/s/article/2050