To further enhance the security of UGA’s information assets, the login process for applications that use UGA’s Single Sign-On Service (SSO), including eLearningCommons, Athena and OneUSG Connect, will change for UGA students, faculty and staff, effective May 18, 2023.
Duo, the vendor behind UGA’s ArchPass two-step login solution, is updating the look and feel of their universal authentication prompt, and the process for the second step of two-step authentication will change. Once the new prompt is put in place on May 18, the change will be immediate across all SSO applications.
Currently, students, faculty and staff logging into SSO applications are able to pick from several options for two-step authentication, including a push notification from the Duo Mobile App; entering a passcode generated by the Duo Mobile App; a phone call; or a passcode sent via SMS text.
After May 18, when a user logs into eLC, Athena or another SSO application, they will see the new Duo universal authentication prompt, which will automatically pick the most secure option for authentication. The authentication option chosen will depend on what devices the user has enrolled in Duo. For example, if a user has the Duo Mobile App installed on their smartphone, the prompt will automatically send a push notification.
Users can stop the automatic selection, and pick a new default option for future authentication prompts the first time they log into an SSO application after May 18.
In addition, the option to remember Duo credentials for 30 days will change. Instead of “Remember Me,” users will see “Trust this browser?” Select “Yes, trust browser” to remember Duo credentials.
UGAMail and Office365 switched to the Duo universal authentication prompt Jan. 19. All UGA applications using Duo will switch to the new prompt in the coming year.
An informational video about the new prompt is available on the EITS Help Desk YouTube Channel: https://www.youtube.com/watch?v=5V04AZEFqyg
Questions can be directed to Lance Peiper, associate director for information security, at firstname.lastname@example.org.