Duo Two-Factor Authentication
Duo Two-Factor Authentication (2FA) adds a second layer of security to online accounts to protect data and personal information. When an Aims student, faculty member or staff member verifies their identity using a second factor such as a smartphone or hardware token key fob, it prevents anyone but the account holder from signing in—even if the person knows the password.
Duo 2FA is required for all Aims employees signing in to Workday and other services using single sign-on. All employees are asked to enroll in Duo ahead of the Workday implementation to become acquainted with the service and to safeguard your account for immediate protection upon enrolling.
Watch this video to help you get started with Duo Security.
Watch this video to see instructions for one-touch authentication with Duo Push on a mobile phone.
1. After clicking on "Enroll on Duo", sign in with your myAims credentials.
2. Click "Start Setup"
3. Select the type of device you wish to add and click "Continue".
4. Enter your mobile phone number. Verify it by checking the box and then click "Continue".
NOTE: The screen you see is dependent on the type of device you selected in the previous set. For this example, ‘Mobile phone’ was selected.
5. Select the type of phone you added and click "Continue".
6. Install the Duo Mobile app if you do not already have it. Once you have it installed, click "I have Duo Mobile installed".
7. Follow the onscreen instructions to activate Duo. Click Continue.
8. Click the drop-down list next to ‘When I log in:’ and select Automatically send this device a Duo Push. Click "Continue to Login".
9. Click "Send Me A Push".
10. Approve the Duo Push notification on your device
You have successfully enrolled and activated Duo. All of your subsequent sign-ins to Aims services that use single sign-on (e.g., myAims) will be protected with Duo 2FA.
If you have not already enrolled in Duo when you sign into Workday for the first time, follow the steps above if you're enrolling a smartphone, tablet, or security key. For step #1, you will sign in to Workday rather than clicking "ENROLL IN DUO."
If you don’t have a smartphone or prefer not to use your personal device, we can provide you with a hardware token key fob that you will use to generate and manually enter a passcode. Please complete the form linked below to request a hardware token key fob.
1. Sign in to the service as you normally would
2. You will be presented with the following window after entering your username and password:
3. Click "Send Me a Push"
4. Approve the Duo Prompt on your mobile device.
1. Sign in to the service as you normally would
2. You will be presented with the window below after entering your username and password. Be sure 'Token' is selected in the drop down.
3. Click "Enter a Passcode"
4. Press the button on your hardware token to generate a passcode.
5. Enter the passcode and click "Log In"
Two-factor authentication (2FA) provides an additional layer of security to the authentication process. It requires users to provide something they know (e.g., password) along with something they have (e.g., push verification on your smartphone or a code generated by a hardware token key fob). Aims Community College uses a vendor called Duo to provide 2FA.
Protecting student and staff sensitive information is critical. Failing to do so could result in harm, identity theft or fraud to the individual. Additionally, unauthorized disclosure of sensitive information could have serious ramifications for the college including damage to reputation, legal liability, or remediation costs. We believe Duo is an effective countermeasure for reducing this risk.
Duo helps to safeguard sensitive information and protects against online attacks such as phishing and credential theft. Once enrolled, a cybercriminal would not only need your username and password, but also need access to your Duo enrolled device in order to sign in as you. You will also be notified through the Duo Mobile app if someone attempts to sign in with your credentials.
The easiest and most convenient way to use Duo is to download the Duo Mobile app on a smartphone or tablet; however, we understand that not everyone has such a device. Keychain hardware tokens are available by request by completing this form.
It’s very important to remember what Duo 2FA requires—your 2FA device and time—and to plan accordingly to avoid any issues.
Some Aims services such as Workday will require 2FA and we plan to protect additional services in the future.
Yes. This is helpful if you ever misplace your primary device.
All of your subsequent sign-ins to Aims services that use single sign-on (e.g., myAims) will be protected with Duo 2FA and you will be prompted for Duo verification.
No. You have the option for Duo to remember you for 7 days. Just check the 'Remember me for 7 days' check box when signing in.
No. There will be no cost to use Duo.
Reject the sign in request then change your Aims password as soon as possible using Aims Okta Apps Manager. Contact the IT Service Desk as your Aims account may have been compromised.
You have the option to generate an offline passcode if your phone loses connectivity. On the Duo prompt, click 'Use a Passcode' instead of the push option. Then, on your mobile device, simply open the Duo Mobile app, tap 'Aims Community College' and enter the code in the Duo prompt.
You may use an alternate device if you registered multiple devices. If you only registered one primary device, please email or call the IT HelpDesk.
No. Your credentials are verified with Aims systems.
No. While Aims VPN is sometimes confused with Duo, they are not the same thing. Duo simply protects Aims VPN with two-factor authentication.
You will need to register the new device with Duo, using the steps above under the heading. “How to Register a New Device With Duo.”