What is MFA?
Multifactor authentication (MFA) is a way to confirm that a username and password are being entered by an authorized person, and not someone who obtained the login through a data leak or phishing attack. Examples of MFA include:
- Sending a confirmation prompt to your phone or mobile device
- Requiring a code from a text message or a previously generated list
- Using a card or hardware token on the computer/system
Duo is already being used at Columbia University for many online systems, however any existing CU account in Duo cannot be used with CUIMC systems; a separate CUIMC account must be set up.
When do I need to use MFA at CUIMC?
CUIMC requires MFA via a program called Duo for the services listed below. After setting up your CUIMC Duo account, simply sign in to the program as usual and use your selected method for MFA.
CUIMC Duo is required when signing in to various Medical Center systems and applications, such as:
- CUIMC email and Microsoft Office 365 apps
- CUIMC VPN
- Virtual environments
How Duo Works
As a new user, you will be prompted to enroll in CUIMC Duo when you first sign in to CUIMC email, Office 365 app/portal, VPN, or any system that requires CUIMC Duo.
The form walks you through selecting your preferred authentication method and any other steps to complete set up. A list of the methods and instructions are on the email and Office 365 pages. Methods include:
- Push (preferred method) - via the Duo app installed on a smartphone or tablet. When you need to authenticate, your cell or wifi connected device will prompt for approval within the app with a numeric code which must be entered to approve the Duo Push. This ensures users cannot accidentally approve login requests when they aren't actively logging in to the application.
- SMS/Text Message - one-time use passcodes are sent by text message to enter when needed.
- Phone call - Duo service can call a landline or cell phone number to prompt for authentication approval.
- Passcode - the Duo app can provide a one-time passcode even if the mobile device is not connected to wifi or cell service.
Devices that can be used with Duo include:
- Smartphones - iPhones, Android devices, and Windows phones.
- Tablets - iPads and Android devices
- Basic cell phones - with or without text capability
- Landlines - a work/desk or even home phone
Detailed help can be found on the How to Enroll in Duo for Email and Office 365, Using CUIMC Email and Office 365 with Duo, and FAQ pages, as well as Duo's generic Enrollment Guide.