• What is 2FA?

    Two-factor authentication (2FA) leverages two separate methods of proving a user is who he or she claims to be. Anyone who has ever used a debit card to withdraw money from an ATM has used two-factor authentication. Sliding the debit card into the ATM provides the first factor of authentication: using something you have. Typing in your PIN provides the second factor of authentication: using something you know.
  • Where is 2FA used?

    UAB began incorporating Duo 2FA with single sign-on applications in January 2018 and will continue to add it to more applications and web sites in the future.
  • Why use 2FA?

    One of the most valuable sets of information that miscreants can steal are our BlazerIDs and strong passwords. If a malicious actor steals those credentials, whether through a successful phishing attack or a password-reuse issue, he/she can impersonate you and access any accounts to which you have access. That can open the door to serious issues, such as changing your direct deposit settings to someone else’s bank account or corrupting/stealing/destroying your research data. Using 2FA raises the bar required to successfully pull off such attacks.
  • How does 2FA work?

    When you log in from your computer to an application or site that requires Duo 2FA with your BlazerID, you first enter your BlazerID and strong password, like usual. Then choose a Duo authentication method (usually Duo Push or Passcode). Then you can use the Duo app on your mobile device to confirm your login attempt. When you return to your computer screen, you will notice that your login session has been completed.