As part of University Technology's 2014 Security Initiatives, we have partnered with Duo Security to offer additional protection to your uLogin account. This new service, known as Two-Factor Authentication, protects your uLogin account by adding a second step to the login process. After entering your uLogin ID and password, you will use either your phone or a device known as a hardware token to confirm your identity. This prevents anyone but you from accessing your account, even if they know your password.
This service is not enabled by default. In order to use Duo Two-Factor Authentication, you must first enroll in the system. If you are not enrolled in the system, you will continue to log in to Drew University web sites using your regular uLogin ID and password.
Drew University will be requiring all faculty, staff, and contractors with uLogin accounts to enroll in the system in order to protect the sensitive University records that employees have access to as part of the course of their work.
Students are not required to be enrolled in the system, although are welcome to do so if they choose. Student Employees may be required to enroll depending on the nature of their work and the electronic records they have access to.
It's easy to enroll yourself in Duo Two-Factor Authentication using self-service pages. After logging in, Duo Security will walk you through the steps to enroll one or more phone numbers into the system. We recommend enrolling multiple phones, such as your mobile phone and office landline. If you are enrolling multiple phones, enroll your primary cell phone first. Click here to get started with the process.
To learn more about the enrollment process, read the Enrollment Guide on Duo Security's web site.
If you do not have a cell phone, you may obtain a Hardware Token from University Technology. Tokens are distributed freely to faculty and staff who need to enroll in the two-factor authentication service. Please come to the University Technology Help Desk with a photo ID to obtain a token.
Once you have enrolled in Duo Security, you will be required to complete the second step of authentication whenever you see a uLogin form.
Simply enter your uLogin ID and password as usual and Duo will automatically use the Default method to log in. If the first phone you enrolled is a smartphone, Duo will send a push message to that phone and prompt you to approve the login using the Duo Mobile app. If it is not a smartphone, Duo will make a regular telephone call to that number and you be prompted to approve the login by pressing any key on your phone.
By clicking the Duo Security link on the uLogin form, you can select another method to use to log in. Click the drop-down to view the available options. The phones you have enrolled are designated Phone 1, Phone 2, and Phone 3 in the order in which you registered them during the enrollment process.
Duo supports a wide-variety of different devices for authentication. Select the type of device you are using to learn more:
After enrolling in Duo you will need to take additional steps if you currently synchronize your Drew University email and calendar with your smartphone or tablet, or use other email and calendar software such as Microsoft Outlook, Apple Mail, or Thunderbird. At present, these applications do not support two-factor authentication. Therefore, once you have activated Duo, we generate a new password specifically for use with these services known as your device password. Your device password is automatically managed by the system and will be changed for you every 90 days.
When setting up your phone or tablet to connect to Drew email, please consult our instructions. However, instead of entering your normal uLogin Password, enter your Device Password instead.
You may obtain your current Device Password at any time by visiting the self-service enrollment site. For security reasons, you will be prompted to perform two-factor authentication again even if you have already logged into uLogin. Information about your device password is displayed towards the bottom of the page:
We recommend selecting Enable Notifications so that you will receive an email automatically when your device password is about to expire and when it has been changed automatically.
When your device password expires, the system will generate a new one for your automatically. If you have selected Enable Notifications, the system will send you an email several days before the device password expires and after it has been changed. Once your device password has changed, your smartphone, tablet, or other email software will stop receiving new messages. Most phones will automatically prompt you for the new password. Simply visit the self-service enrollment site to obtain your new password and enter into your device. Your device should start sending and receiving messages and calendar updates normally.
We cannot extend the 90 day deadline for device password changes. However, you can expire your device password early to ensure uninterrupted service while you are away. Before your trip, simply visit the self-service enrollment site to check when your device password expires. If it will expire during your trip, click Generate a new device password to expire your current password immediately and generate a new one. This new password will not expire for an additional 90 days. Enter the new password into your phone and you will be able to enjoy uninterrupted service while you are away.