Enhanced 2-Factor Authentication
To improve security of personal data and university systems, Virginia Tech is upgrading our Duo 2-Factor Authentication service for all members of the university community. This upgrade is called "enhanced 2-factor authentication."
What is changing and why?
- Authentication through the Duo mobile app will require you to enter a 3-digit code to verify that the person logging in is really you! This quick step greatly reduces the risk of accidentally approving a fradulent push notification.
- Less-secure methods of authentication, including verification by telephone call and SMS/text message, will be phased out later in the 2025-2026 academic year. These methods are easy to spoof or intercept. In comparison, the updated process in the app and token authentication methods are far more secure.
Timeline:
- August 11, 2025: Duo mobile app update requiring a 3-digit code takes effect for employees.
- Beginning August 13, 2025: Duo mobile app update requiring a 3-digit code takes effect for current students.
Currently registered Voice call and SMS/text verification devices will continue to work for now, but these options will be discontinued at a later date.
If you use one of these options currently, we strongly recommend that you go ahead and enable the Duo Mobile App or enroll a hardware or software token, and transition away from using the text or voice methods.
What to do
EVERYONE - print your One Time Passcodes! If you ever need to log in without your phone (and don't use a token), using one of these codes will allow you to log in without calling 4Help IT Support first. These ten codes only expire when you use them, so it's a great backup strategy to have on hand.
Do this even if you're already using the Duo Mobile App or a token, as the codes are the best backup you have if you lose your phone or token.
- Visit https://accounts.it.vt.edu
- Select '2-Factor' in the menu.
- Scroll to One Time Passcodes and click 'Generate Passcodes.'
- Click 'Generate.'
- Save these codes electronically or on paper in a secure location, or in a password manager.
- Consider that since the most likely reason you'd need these is that your phone is dead or unavailable, you need to have access to the passcodes in a way that won't require your phone.
Also, do the following:
- Set up an additional authentication option — this can be adding Duo Mobile to a second phone, having Duo Mobile on your phone + a Yubikey, etc. This way you won't be locked out if your phone breaks, you lose your hardware token, etc.
- If you currently use voice call or text/SMS as your primary verification method: take steps to enable the Duo Mobile app or enroll a hardware or software token so that you are already set for the change and using a more secure login method.
Where to get more information
The 4Help Knowledge Base contains detailed instructions on using enhanced 2-factor authentication. These articles in particular should be helpful:
- Duo 2-Factor Authentication - General Setup and Use (all the basics you need are here)
- Frequently Asked Questions about Duo 2-Factor Authentication (useful for troubleshooting and more advanced questions)
If you still need help after consulting the articles above, you can call 4Help at 540-231-4357 to speak with an agent, or file a ticket online at 4help.vt.edu.