Duo Security (Two Factor Authentication)


Two-factor authentication is available for active faculty, staff and students at Single Sign-on, and is required for a variety of systems including Human Capital Management (HCM), Financials (FIN) and Virtual Private Network (VPN) system log-ins.

Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.

Access the Service

Recommended Equipment

Self enrollment is available via multiple methods. Information Security recommends all users enroll the following two devices:

  • Smartphone using the mobile application for iOS or Android
  • FIDO2 Compliant Security Key

However, CWRU Duo lets you link multiple devices to your account, and you may use any combination of compatible devices to secure it.

Enroll an Authentication Device in Duo Security

CWRU Duo supports a range of electronic devices including:

  • iOS smartphones and tablets
  • Android smartphones and tablets
  • Security keys (e.g. Thetis, YubiKey)

 

Common Issues/Questions

What is multi-factor authentication?

  1. Multi-factor authentication (MFA) is required to log into various university systems. By requiring a second form of verification at sign-in, it protects CWRU accounts from unauthorized access even if a password is compromised. The Duo Mobile app (available for iOS and Android) is the most convenient method since most users already carry a smartphone, though security keys are available as an alternative.

Why do I need to use Duo?

  1. Theft of credentials is common!
  2. A user can be tricked into giving away their Network ID and passphrases through a malicious email, phishing, or other online scams (View phishing examples here).
  3. Many people reuse passwords or passphrases on other websites (Amazon; LinkedIn). If compromised, attackers often publish or sell the passphrases (infosecurity-magazine.com/news/linkedin-breach-weak-passwords).
  4. A user shares their Network ID and/or password (in violation of CWRU policy) with someone else.
  5. A user logs in from an infected computer on which an attacker's software (a keylogger) keeps running and records the keystrokes of the user's passwords and/or passphrases.

How do I use Duo for Webmail, HCM, MyApps, and other websites?

  1. Authenticating with Duo is virtually the same across websites; the only difference is how you authenticate. Learn how to authenticate to a website with your supported device on Duo’s website.

Why is the enrollment page telling me I logged in?

  1. If you have already logged in with Duo in your browser session (for example, to access your email, HCM, or MyApps), the enrollment app will see that you are logged in and redirect you to a success message. This behavior is normal for this app: it verifies that your Duo authentication method is working properly, and it helps many users confirm that they have successfully used Duo.

Why can't I get to the Add a New Device page?

  1. If you logged in to an application that uses Duo (such as webmail, HCM, MyApps, etc.) and you selected the Remember Me for 120 Hours option, the enrollment app will only be able to log you in.
    • In order to Add a new device (or change a device), open an Incognito browser session in either Google Chrome or Firefox and proceed to the enrollment page. Do not select Remember Me for 120 Hours when signing in.
      • To open an Incognito session in Chrome, open Chrome and use the keyboard shortcut Ctrl + Shift + N.
      • To open an incognito/private session in Firefox, open Firefox and use the keyboard shortcut Ctrl + Shift + P.

I have stopped receiving Push notifications on Duo mobile.

  1. You may have trouble receiving push requests if there are network issues between your phone and Duo. Many phones have trouble determining whether to use the WiFi or cellular data channel when checking for push requests.
    • Try turning your phone on airplane mode for a few seconds, then turning off airplane mode.

    • Try turning off WiFi on your phone and requesting the code using cellular data.

    • Check the time and date on your phone and make sure they are correct. If the date and time on your phone are manually set, try changing your device's configuration to sync date and time automatically with the network.

    • iOS users can run a troubleshooting tool from within Duo Mobile version 3.32.0 or later. To run the tool:

      • Open the Duo Mobile app on your iOS device and tap the Edit button in the top left of the accounts list screen, then tap the name of the account for which you aren't receiving push requests.

      • Next, tap the Get Started button in the "Missing Notifications?" section of the "Account Details" screen.

      • Duo Mobile performs the test. If any step fails, you'll receive further troubleshooting suggestions. After taking the suggested actions, tap *Run test again* to retry.
         

My Duo token is not working anymore.

  1. Duo tokens will no longer be supported starting May 18th, 2026. You must begin using the Duo Mobile app or a security key.

Is there a difference between a Duo token and a Yubikey? 

  1. The terms "Duo token" and "YubiKey" are used interchangeably around campus, but this is incorrect, as they are fundamentally different devices. Duo tokens are hardware devices from Duo that generate one-time-use passcodes. Duo tokens will no longer be supported starting May 18th, 2026.
  2. YubiKeys (also called security keys, FIDO keys, or universal two-factor (U2F) keys) are devices that you purchase that must be plugged into the device you are authenticating on. Usually, you must also press down on a gold part of the YubiKey to complete authentication. They can also be held close to the device so it can be scanned, as in the case of a cell phone. There are no passcodes generated with YubiKeys.

 
