Helpful Documentation

Overview

How do I enroll in Two-Factor Authentication with Duo Security?

Click here for step-by-step enrollment instructions.

What is Two-Factor Authentication with Duo Security?

Two-Factor Authentication provides an extra layer of security by requiring a user to log in with a username and password, plus a second method of verifying the user's identity. The second method is something the user has physical access to, like a cellular phone, smart phone, tablet or landline. This prevents anyone but you from logging in, even if they know your username and password.

Why are we using a Two-Factor Authentication process?

Healthcare institutions are increasingly becoming a target for cyber criminals. According to a recent international report, 81.9% of security breaches involve compromised credentials. Two-Factor Authentication provides additional security so that data is only accessed by authorized users. Enforcing Two-Factor Authentication across the organization will strengthen our network security and protect the systems you access. Two-Factor Authentication only impacts you when you are logging in from outside of the network.

How does Two-Factor Authentication with Duo Security work?

Two-Factor Authentication only impacts users when logging in from outside of the network.

Step 1: You'll login as usual with your username and password.
Step 2: You'll use your device (cellular phone, smart phone, tablet or landline) to verify that it's you. Think of Duo as a layer of security added to your existing login.

Here is a quick 1 minute video showing how it works:

Enrollment Guide

  1. All users will receive an enrollment email from Duo Security (no-reply@duosecurity.com).

    1. To initialize the enrollment process, choose the link after “To begin, click this link to enroll a phone, tablet, or other device”.
    2. You must open this link on your computer for this process to work.

    Note: Please follow the user guide link for the enrollment instructions and the Duo FAQ for frequently asked questions.

  2. The personalized link will bring you to the start of Gundersen Health System’s Duo enrollment process. To proceed, choose “Start Setup”.

    Note: If you decide that you do not want to install the Duo Mobile app on your phone, please select the Landline option, and skip to “step 9”. Please note that the Duo application can be installed for free and uses very little data. It does not track or monitor any of your personal information.

    If you are okay with installing the Duo Mobile app on your phone, please proceed to “step 3”.

  3. Choose your preferred authentication device, and then “Continue”. Mobile phones are the recommended device for user experience and ease of use with Duo.

  4. Type in the number of your Mobile phone.

    1. To verify that the number entered is correct, check the box, and then click “Continue”.
  5. Choose the platform of your device (iPhone, Android or Other), and then “Continue”.

  6. Install Duo Mobile on your device.

    1. For iPhones: go to the App Store, search for Duo Mobile, tap “Get” and then “Install”.
      1. Once installed, choose “I have Duo Mobile Installed”.
    2. For Android: go to the Google Play Store, search for Duo Mobile and tap Install.
      1. Once installed, choose “I have Duo Mobile Installed”.
  7. Activate Duo Mobile on your device. Open the Duo Mobile app, tap the “+” and then scan the barcode in the window.

  8. Once scanned successfully, the barcode will appear with a green checkmark then choose “Continue”.

    1. Proceed to “step 16” of this guide.
  9. The following process will walk you through enrolling a Landline number for use with Duo.

    1. You only need to complete this process if you do not want Duo Mobile installed on your phone.
    2. Please note that the Duo application can be installed for free and uses very little data. It does not track or monitor any of your personal information.
    3. If you have already added Duo Mobile on your Mobile Phone, please skip to “step 16”.
  10. When asked “What type of device you are adding?”

    1. Select “Landline” and click “continue”.
  11. Enter your desired number that Duo will call to verify your identity.

    1. Verify you entered the correct number by selecting the check box.
    2. Click “Continue”.
  12. Select the “Call me” option. This will prompt you to verify the ownership of this number.

    1. You will receive a phone call from an automated service with a 6-digit code.
  13. Enter this code into the highlighted box below and select “Verify”.

  14. After your number is verified, select “Continue”.

    1. Notice the green checkmark next to “Verify”. This signifies a successful verification.
  15. You should now see your verified Landline number and your default device.

    1. For “When I log in”, select “Automatically call this device”.
    2. Select “Finish Enrollment”.
    3. Skip to “step 17” of this guide.
  16. Manage your settings for your Gundersen Health Duo account.

    1. The default Device will automatically populate with the Mobile phone number you enrolled with.
    2. For “When I log in”, select “Ask me to choose an authentication method”.
    3. Choose “Finish Enrollment”.
  17. You are now successfully enrolled in your Gundersen Health System Duo Account.

Questions?

Please reach out to the Help Desk at 53070 with any questions about enrolling or using Duo.

Device Management

FAQ

  • Duo is a two-factor authentication service. It is used as either an application on your phone or an automated service that calls your phone.
  • By using Duo, we can provide an extra layer of security to protect our passwords and sensitive information against hackers that may try to steal them.
  • Two-factor authentication, also known as 2FA, is a secondary step to prove who you are.
  • It combines something you know, with something you have.
    • The something you know would be your username and password.
    • The something you have would be Duo.
  • Think of it as a second key to get into your front door at home.
    • The first key would be your normal username and password.
    • Your second key would be Duo. Both are required to unlock your door and get into your house.
    • Similarly, both your login credentials and Duo are required to get into select applications.
  • Watch this video to learn more.
  • Login credentials are more valuable than ever and are increasingly easy to compromise. Over 90% of breaches today involve compromised usernames and passwords.
  • Two-factor authentication enhances the security of your account by using a secondary device to verify your identity. This prevents anyone but you from accessing your account, even if they know your password.
  • If you access one of the below programs, while working remotely, you will need to be enrolled in Duo for continued access.
    • Current Duo protected applications are the following:
      • Microsoft Office 365
  • If you do not enroll in Duo, your access to these remote applications may become impacted.
  • Moving forward, Duo will be the two-factor authentication of choice for Gundersen. As Duo begins to develop further, more applications will require Duo.
  • Once you are enrolled, anytime you use a Duo protected application, you may receive an authorization request to approve your login.
  • Duo requires a way to prompt you for approval. This can be done in one of three ways.
    • Push notification to your phone on the Duo Mobile app.
    • An automated phone call from Duo.
    • Manually enter the passcode from the Duo Mobile application.
  • Here is an example of Duo Push in action.
  • Use the “Deny” option if you did not initiate the request.
  • Report these types of incidents to the Help Desk at 53070.
  • No. Duo works in conjunction with AirWatch.
  • If you have AirWatch, you will need to be enrolled in Duo.
  • No. You only need Duo on a single device.
  • You will need to have that device with you if you are prompted for two-factor authentication.
  • The Help Desk can generate a one-time use bypass code to allow you into the Duo protected application.
  • If you lost your phone, please contact the Help Desk at 53070 to remove your phone so that it cannot be used without your permission.
  • If you get a new phone, please contact the Help Desk at 53070 to remove your old phone and enroll your new device.
  • Security experts at NIST: National Institute of Standards and Technology proved that text and SMS messages can be intercepted by hackers. This means that two-factor authentication methods that rely on SMS and text messaging aren't enough anymore. While installing another app is not always a popular choice, Duo Mobile is currently the best way to safeguard your information and identity.
  • No. Your password is only sent to Gundersen systems and is never passed to Duo.
  • Duo stores very little information, just enough to do its job.
  • Please note that the Duo application can be installed for free and uses very little data. It does not track or monitor any of your personal information.
  • If you still do not wish to use your personal device for Duo access, you can you can still use two-factor authentication by having Duo call a landline or cellphone number.
  • If you have not already received an enrollment request from no-reply@duosecurity.com please contact the Help Desk at 53070.
  • If you have already received the enrollment request, but have further questions, please reference the deployment guide in the email. Also available here.
  • Please contact the Help Desk at 53070 and they will re-send your enrollment email.

Questions?

Please reach out to the Help Desk at 53070 with any questions about enrolling or using Duo.