Virginia Tech® home

Enhanced 2-Factor Authentication

To improve security of personal data and university systems, Virginia Tech is upgrading our Duo 2-Factor Authentication service for all members of the university community. This upgrade is called "enhanced 2-factor authentication." 

What is changing and why? 

  • Authentication through the Duo mobile app will require you to enter a 3-digit code to verify that the person logging in is really you! This quick step greatly reduces the risk of accidentally approving a fradulent push notification. 
  • Less-secure methods of authentication, including verification by telephone call and SMS/text message, will be phased out later in the 2025-2026 academic year. These methods are easy to spoof or intercept. In comparison, the updated process in the app and token authentication methods are far more secure.

Timeline: 

  • August 11, 2025: Duo mobile app update requiring a 3-digit code takes effect for employees.
  • Beginning August 13, 2025: Duo mobile app update requiring a 3-digit code takes effect for current students. 

Currently registered Voice call and SMS/text verification devices will continue to work for now, but these options will be discontinued at a later date. 

If you use one of these options currently, we strongly recommend that you go ahead and enable the Duo Mobile App or enroll a hardware or software token, and transition away from using the text or voice methods. 

What to do

EVERYONE - print your One Time Passcodes! If you ever need to log in without your phone (and don't use a token), using one of these codes will allow you to log in without calling 4Help IT Support first. These ten codes only expire when you use them, so it's a great backup strategy to have on hand.

Do this even if you're already using the Duo Mobile App or a token, as the codes are the best backup you have if you lose your phone or token.

  • Visit https://accounts.it.vt.edu
  • Select '2-Factor' in the menu.
  • Scroll to One Time Passcodes and click 'Generate Passcodes.'
  • Click 'Generate.'
  • Save these codes electronically or on paper in a secure location, or in a password manager.
  • Consider that since the most likely reason you'd need these is that your phone is dead or unavailable, you need to have access to the passcodes in a way that won't require your phone.

Also, do the following:

  • Set up an additional authentication option — this can be adding Duo Mobile to a second phone, having Duo Mobile on your phone + a Yubikey, etc. This way you won't be locked out if your phone breaks, you lose your hardware token, etc.
  • If you currently use voice call or text/SMS as your primary verification method: take steps to enable the Duo Mobile app or enroll a hardware or software token so that you are already set for the change and using a more secure login method. 

Where to get more information

The 4Help Knowledge Base contains detailed instructions on using enhanced 2-factor authentication. These articles in particular should be helpful: 

If you still need help after consulting the articles above, you can call 4Help at 540-231-4357 to speak with an agent, or file a ticket online at 4help.vt.edu