Duo is a multi-factor authentication system that will make it much harder for hackers to access your UC Davis accounts. Even if someone has stolen your passphrase, they will need a “second factor” — in most cases a temporary numeric code, to access your account.
To log in to a site or service protected by multi-factor authentication (variants are known as two-factor or two-step), you need your usual password and username, plus something that only you have, such as a token or smartphone. Duo uses that device to deliver the second factor. Specifically, Duo generates a second, temporary password and sends it to you, typically by using your smartphone or token.
Duo protects your account and your data. To gain access to your account, an attacker would need your passphrase as well as the physical device you use with Duo. If all the attackers have is your password, they can’t get in. If they somehow obtain your token or smartphone, they would still need your passphrase. In other words, one factor can fail, and the other will still protect you. (At UC Davis, the two primary authentication methods for many applications and websites are CAS and Shibboleth. They require your login and Kerberos passphrase, and provide the first level of sign-in authentication.)
Duo protects UC Davis. Duo will provide better security for UC Davis data assets, including accounts, applications and websites.
Duo offers flexibility. There are choices in how you can use Duo. You can receive the second password via a free mobile app on your smartphone, a hard token (a small device that typically resembles an electronic key or flash drive), via a phone call or text.
Duo is a simple solution. Duo offers simple integration with other services and an easy interface.