Multi-Factor Authentication (MFA)


Multifactor Authentication, or MFA, provides an additional layer of security when Yale resources are accessed from off campus. It is an important security measure to protect intellectual property, personal information, and Yale's data. This measure adds a step to the log-in process used for off-campus access to Yale's network and resources.

Multifactor Authentication requires an off-campus user to prove his or her identity after entering a NetID and password by responding to a prompt on a mobile device or landline. Universities and colleges across the country increasingly are adopting this technology, which is used commonly by financial institutions to verify online users' identities.

All Yale faculty, students, and staff who use a NetID and password to access Yale's network and resources are required to use MFA when off campus.

How do I get enrolled in MFA?

Shortly after your Computer Orientation, you will receive an enrollment email. Click the enclosed enrollment link to initiate the process. A step-by-step wizard will guide you through the process. You can see a preview of what to expect here. It's recommended that you download the Duo Mobile app on your smartphone prior to starting the enrollment. You can find the Duo Mobile app in Apple and Android app stores.

How does MFA/Duo work?

This link provides a detailed summary of how MFA will affect how you use Yale VPN and CAS (Central Authentication Service) applications, like courses.law.yale.edu, WebSIS, Course Evaluations.

Authentication Methods

 Duo Push

  • Duo sends a login request to your phone's Duo Mobile app. Just tap Approve to authenticate. If the authentication request was unsolicited, you have the option to reject it. Information about the source of the login request is also displayed which includes IP address, Username, Geographic Location, and Time.
  • This method is not available offline.
  • Compatible with iOS 6 or greater (iPhone and iPad), Android 2.3.3 and greater, BlackBerry 10, BBOS 4.5.0 and greater, and Windows Phone 7.5 and greater.

Duo Mobile Passcodes

  • This generates passcodes in the Duo mobile application. This function works offline.
  • Compatible with iOS 6 or greater (iPhone and iPad), Android 2.3.3 and greater, BlackBerry 10, BBOS 4.5.0 and greater, and Windows Phone 7.5 and greater.

SMS Passcodes

  • Sends the requested passcode to any SMS enabled device with cell service. Batch SMS codes can be sent ahead of time for offline usage.

Phone Callback

  • Duo calls your phone. Just press any key to authenticate. Phone can be a cell phone or landline.

Hardware Tokens

  • A passcode is generated by physical token that can entered when prompted by Duo.
  • This does not require cellular or wireless connectivity.

Enrolling a New Device with the Same Number

This applies to anyone that has a new phone with the same phone number (i.e. upgraded phone or replacing a lost or stolen phone). This guide explains how to install the DUO mobile app in order to receive DUO “Push” notifications which is lost if the old phone is not present or active. It is recommended that you go your respective device's app store and download the Duo Mobile app before beginning this process. For the easiest installation, Duo Mobile requires at least temporary access to the camera to scan the QR Code for enrollment.

1. Go to access.yale.edu.

  • Log in with your NetID and password.
  • In the following Duo screen, choose the appropriate device that you want to use for authentication in the Device field.
  • Note: You can receive a phone call or SMS text message to your new phone (with the same phone number), but not the DUO Push notification for authentication.
  • Select the authentication type. Then click on the Manage Devices button.
  • Clicking the Manage devices button prompts the user to authenticate, then displays the Enrolled Devices page.

2. To link DUO to your new device with the same, previously registered number:

  • Click the Actions button next to the number you are activating.
  • Select Activate DUO mobile
  • Chose the platform on which your device runs, and click Continue.

3. Depending on your back up settings, the DUO mobile app may already be on your phone.

  • If you already have DUO mobile installed – check the “I have Duo Mobile Installed” box and click continue.
  • To Install the Duo Mobile app on your new phone: Follow the directions on the DUO Mobile screen. Once you have completed the installation, check the “I have Duo Mobile Installed” box and click continue.

4. Activate Duo Mobile - Activating the application will link it to your account so you can use it for authentication. On iPhone, Android, Windows Phone, and BlackBerry 10, activate Duo Mobile by scanning the barcode with then built-in barcode scanner. The Continue button will be clickable after you scan the barcode. Can't scan the barcode? Click the Having Problems? link and then follow the instructions.

Enrollment Complete! DUO Mobile is now activated and you can receive PUSH notifications on your new device.