Notice:  
Duo Security has announced that the existing 2FA interface is reaching end-of-life 1Q24 and as a result all applications that use the existing interface will be updated.  This won't happen all at once, so until 2Q24 users may still see the existing interface. 

Traditional Duo login



Duo UP





Introduction

2-factor enrollment is required to log into many Virginia Tech Web-based systems. To use these Web sites and services that use the Login service, you are required to authenticate with a second factor.

Top of the page

Contents

• How Do I Login without My Phone or Any 2-Factor Device if It Is Lost, Forgotten, Broken or Unavailable?
• How Can I Login without Internet, Network, or Cellular Service Connectivity? (International / Overseas)
• What Do I Do about Duo Mobile App Errors, Problems, Connection Issues, or Duo Push Not Received?
• What Do I Do when the Duo Window Frame in the Browser Doesn't Load or Is Blank?
• How Do I Get and Print Backup Codes from the Virginia Tech Web Site?
• How do I Enable or Disable Duo Push to Automatically Push a Notification to My Phone?
• How Can I Temporarily Skip 2-Factor Authentication by Using the "Remember me for 7 days" Check Box?
• What Do I Do When I Can't Add a New Device, Can't Access Manage My Settings and Devices, 2-Factor Is Automatically Skipped, or "Remember me for 7 days" Is Greyed Out?
• What Are the Supported Smartphone Operating Systems?
• How Do I Rename a YubiKey, D-100, or Software Token?
• How Do I Reactivate the Duo Mobile App?
• How Do I Remove or Delete an Authentication Device from My Duo Account?
• How Do I Set or Change the Default Duo Authentication Device?
• Why Does "Remember Me for 7 Days" Not Work, and Not Keep Me Logged in?
  
  • How Can I Use "Remember Me for 7 Days" while Blocking Cookies?
• Can I Use 2-Factor without a Mobile Device?
• What if I Don't Want the Duo App on My Phone?
• What if I Got a New Phone with the Same Phone Number? 
• How Do I Set a Token as My Default Authentication Device?
• How Do I Enroll a Device without a Computer or When I Can't Scan the QR Code?
• How Can I Log in if the Account Was Accidentally Deleted or Removed from the Duo App?
• What Do I Do after I Accidentally Deleted or Removed My Second Factor Device?
• Why Does 2-Factor Authentication Fail or Not Work with the Nuance Dragon 13 Web Browser Extension?
• Why Do I Get the D-100 Incorrect Passcode or Token Out of Sync Error Message?
• Why Am I Locked out of HokieServ or Web-CAT? Why Did I Get an Automatic Push when Trying to Log in to HokieServ or Web-CAT?

Related Links

• Enrolling or Adding a Second Factor Device to Duo 2-Factor Authentication
• Authenticating using Duo 2-Factor Authentication
• YubiKey and D-100 Hardware Tokens for Duo 2-Factor Authentication
• Documentation from Duo Support

How Do I Login without My Phone or Any 2-Factor Device if It Is Lost, Forgotten, Broken or Unavailable?

If you temporarily misplaced, left, forget it at home, broke, or otherwise can't use or access your 2-factor device to authenticate:

1. If you have an additional device enrolled, use that device to authenticate.
2. Otherwise, you must *call* 4Help at 540-231-4357 to get a bypass code. Bypass codes are *not* given online or by email.

Top of the page

How Can I Login without Internet, Network, or Cellular Service Connectivity? (International / Overseas)

****When outside of the continental United States, 4Help highly recommends Authenticating with a Passcode from Duo App or Virginia Tech Web site or a previously enrolled D-100 or YubiKey token.****

Authenticating via voice call or SMS text message when outside of the continental United States *may not work* because Duo rate charges exceed Virginia Tech's limit of 20. It is very important to note the credit rate for the location where you will be authenticating. As seen on Duo's Rate Card page, Duo will not send a voice call or SMS text message if a single phone call or SMS text message uses more than 20 credits. For additional information and rates that apply to your location, see Duo's Rate Card page.

Some locations will be blocked due to government regulations that are subject to change without notice per https://help.duo.com/s/article/7544?language=en_US.

(If you do not have access to any method of authenticating with a second factor, follow the instructions at Lost, Forgot, Broke, or Unavailable 2-Factor Device.)

In case you need to authenticate without Internet or cellular service in the future, 4Help advises doing at least one of the following when you are on campus:

• Install the Duo Mobile app by following the instructions at Enrolling a Smartphone, Tablet, or Mobile Device by Installing the Duo Mobile App.
  (Anytime you are without Internet or cellular connectivity, you can start the Duo Mobile app and generate a passcode within the app by following the instructions at Authenticating with a Passcode from Duo App. Even with your smartphone or tablet in airplane mode, you can start the Duo Mobile app and generate passcodes.)
• Save (or write down on a piece of paper) a list of 10 codes generated by following the instructions at Print Passcodes from Virginia Tech Web Site.
• Use a D-100 token which you have already enrolled to your account. D-100 tokens do not require any Internet or cellular connectivity to be used as a second factor. For more information, see Authenticating Using the Duo D-100.

Top of the page

What Do I Do about Duo Mobile App Errors, Problems, Connection Issues, or Duo Push Not Received?

Occasionally you may experience connectivity issues such as not receiving Duo Push notifications or timeout errors. This problem is often resolved by refreshing the Duo Mobile app. To do that:

1. If you recently disabled or turned off your device's airplane mode, wait five minutes after turning off airplane mode.
2. On your device, start the Duo Mobile app.
3. Between the Virginia Tech logo and the key, tap and pull down on the window, and then release.
4. The app will be refreshed.

Top of the page

What Do I Do when the Duo Window Frame in the Browser Doesn't Load or Is Blank?

Go to the Duo Security Status Web page, and look for any interruption of service.  If that Web page does not list any issues, then one of these conditions may be causing the problem:

• You have a firewall installed on your device and it is preventing your browsers from reaching Duo.
• You have Parental Controls or other restrictions on your device and that is preventing your browsers from reaching Duo.

If you have difficulty correcting these issues, contact 4Help by clicking Get Help at the top of this page or at http://4help.vt.edu.

Top of the page

How Do I Get and Print Backup Codes from the Virginia Tech Web Site?

1. If you cannot authenticate with any second factor, follow the instructions at Lost, Forgot, Broke, or Unavailable 2-Factor Device instead of these instructions.
2. Log on to the Virginia Tech accounts site through OneCampus.
   
   1. Go to http://onecampus.vt.edu.
   2. If the page appears dark with text overlaid, click the page to dismiss the overlaid text.
   3. If any OneCampus announcements pop-up, after reading the text, click the appropriate button to dismiss the pop-up.
   4. Near the top-right corner of the page, click Sign In.
   5. From the drop-down that appears, click Sign In.
   6. Type your credentials.
      
      1. In the Username text box, type your VT Username (PID), which is the first part of your @vt.edu email address.
      2. In the Password text box, type your VT Username (PID) passphrase.
      3. Click Login.
      4. Follow the on-screen instructions to complete authentication with your second factor.
   7. To the right of the OneCampus logo, in the What would you like to do? search box, type: account.
   8. On the keyboard, press Enter or Return.
   9. Click Manage Accounts.
3.  Near the bottom of the page, in the 2-Factor Account section, click Generate passcodes.
4. To confirm that you understand the warning displayed, click Yes, generate.
5. On the Web page, click Print.
6. Your printer settings will appear. Select the printer you want to use, and then click OK.
7. Store the printed paper in a secure location, and use a pencil or pen to mark when you use each code. Each code can only be used once.
8. Any Duo passcodes you previously printed from this Virginia Tech Web site will no longer work.

Top of the page

How do I Enable or Disable Duo Push to Automatically Push a Notification to My Phone?

1. When you turn on this auto-send feature, the "Remember Me for 7 days" feature cannot be turned on. In other words, you cannot use both auto-send and "Remember Me for 7 days" at the same time.
2. In your browser, open a new Chrome incognito / Edge inPrivate / Firefox private window.
3. Start logging on to OneCampus.
   
   1.  Go to the OneCampus page.
   2. If the page appears dark with text overlaid, click anywhere on the page to dismiss the overlaid text.
   3. If any OneCampus announcements appear, after reading the text, click the appropriate button to dismiss the announcement window.
   4. Near the top-right corner of the page, below the maroon banner, in the black bar, click Sign In.
   5. From the drop-down that appears, click Sign In.
   6. Type your credentials.
      
      1. In the Username text box, type your VT Username (PID), which is the first part of your @vt.edu email address.
      2. In the Password text box, type your VT Username (PID) passphrase.
      3. Click Login.
   7. If you have not yet registered for 2-factor, click Enroll.
   8. If you receive an automatic call or push notification, in the browser, click Cancel.
      (Do *not* complete authentication with your second factor, yet.)
4. In the Duo frame, under the Virginia Tech logo, click My Settings & Devices.
5. Complete the authentication with your second factor to access My Settings & Devices.
6. Use the When I log in: drop-down.
   
   • To turn on auto-send:
     
     1.  At the bottom of the Duo frame, from the Default Device: drop-down, click the device that you want to automatically be used each time you sign into a service that requires 2-factor.
     2. From the When I log in: drop-down, click either Automatically send this device a Duo Push or Automatically call this device.
     3. Click Save.
   • To turn off auto-send:
     
     1.  At the bottom of the Duo frame, from the Default Device: drop-down, click the device that is being used automatically.
     2. From the When I log in: drop-down, click Ask me to choose an authentication method.
     3. Click Save.

How Can I Temporarily Skip 2-Factor Authentication by Using the "Remember me for 7 days" Check Box?

On the screen where you are prompted to choose an authentication device, if you place a check in Remember me for 7 days and then successfully authenticate with your second factor, you will not be prompted for your second factor again within seven days *when on this computer, and using this browser*. This will remain in effect for 7 days, even if you use "CAS Logout". You will still be prompted for your VT Username and passphrase when logging on, but not for your second factor

1. In your browser, open a new Chrome incognito / Edge inPrivate / Firefox private window.
2. Start logging on to OneCampus.
   
   1.  Go to the OneCampus page.
   2. If the page appears dark with text overlaid, click anywhere on the page to dismiss the overlaid text.
   3. If any OneCampus announcements appear, after reading the text, click the appropriate button to dismiss the announcement window.
   4. Near the top-right corner of the page, below the maroon banner, in the black bar, click Sign In.
   5. From the drop-down that appears, click Sign In.
   6. Type your credentials.
      
      1. In the Username text box, type your VT Username (PID), which is the first part of your @vt.edu email address.
      2. In the Password text box, type your VT Username (PID) passphrase.
      3. Click Login.
   7. If you have not yet registered for 2-factor, click Enroll.
   8. If you receive an automatic call or push notification, in the browser, click Cancel.
      (Do *not* complete authentication with your second factor, yet.)
3. In the Duo frame, near the bottom, place a check in Remember me for 7 days.
4. Complete the authentication with your second factor.

Top of the page

What Do I Do When I Can't Add a New Device, Can't Access Manage My Settings and Devices, 2-Factor Is Automatically Skipped, or "Remember me for 7 days" Is Greyed Out?

If you have any of the following enabled:

• Auto-send (Duo Push notifications)
• Auto-call
• "Remember me for 7 days"

You will bypass and skip all of the 2-factor pages and prompts.

To get to "Add a new device" or "My Settings and Devices" or to enable or disable "Remember me for 7 days":

1. In your browser, open a new Chrome incognito / Edge inPrivate / Firefox private window.
2. Start logging on to OneCampus.
   
   1. Go to http://onecampus.vt.edu.
   2. If the page appears dark with text overlaid, click the page to dismiss the overlaid text.
   3. If any OneCampus announcements pop-up, after reading the text, click the appropriate button to dismiss the pop-up.
   4. Near the top-right corner of the page, click Sign In.
   5. From the drop-down that appears, click Sign In.
   6. Type your credentials.
      
      1. In the Username text box, type your VT Username (PID), which is the first part of your @vt.edu email address.
      2. In the Password text box, type your VT Username (PID) passphrase.
      3. Click Login.
3.  If you receive an automatic call or push notification, in the browser, click Cancel. Do not complete authentication with your second factor, yet.
4. In the Duo frame, under the Virginia Tech logo, click the link you want.
5. Complete the authentication with your second factor to access the settings that you selected.

Top of the page

What Are the Supported Smartphone Operating Systems?

The currently supported smartphone operating system versions for Duo Mobile can be found on the following pages:

• Duo Mobile on iPhone next to Supported Platforms
• Duo Mobile on Android next to and under Supported Platforms

Support for older operating systems and devices, such as those below, will be discontinued:

• Blackberry
• Android 3
• Apple iOS 6
• Apple iOS 7

Top of the page

How Do I Rename a YubiKey, D-100, or Software Token?

The Duo system does not allow you to change the name of or rename any token; each token will be assigned a unique set of characters.

Top of the page

How Do I Reactivate the Duo Mobile App?

1. In your browser, open a new Chrome incognito / Edge inPrivate / Firefox private window.
2. Start logging on to OneCampus.
   
   1.  Go to the OneCampus page.
   2. If the page appears dark with text overlaid, click anywhere on the page to dismiss the overlaid text.
   3. If any OneCampus announcements appear, after reading the text, click the appropriate button to dismiss the announcement window.
   4. Near the top-right corner of the page, below the maroon banner, in the black bar, click Sign In.
   5. From the drop-down that appears, click Sign In.
   6. Type your credentials.
      
      1. In the Username text box, type your VT Username (PID), which is the first part of your @vt.edu email address.
      2. In the Password text box, type your VT Username (PID) passphrase.
      3. Click Login.
   7. If you have not yet registered for 2-factor, click Enroll.
   8. If you receive an automatic call or push notification, in the browser, click Cancel.
      (Do *not* complete authentication with your second factor, yet.)
3. In the Duo frame, under the Virginia Tech logo, click My Settings & Devices.
4. Complete the authentication with your second factor to access My Settings & Devices.
5. Follow the instructions in the Manage Existing Devices section *and* in the Reactivate Duo Mobile section on the Managing Your Devices page.

Top of the page

How Do I Remove or Delete an Authentication Device from My Duo Account?

1. In your browser, open a new Chrome incognito / Edge inPrivate / Firefox private window.
2. Start logging on to OneCampus.
   
   1.  Go to the OneCampus page.
   2. If the page appears dark with text overlaid, click anywhere on the page to dismiss the overlaid text.
   3. If any OneCampus announcements appear, after reading the text, click the appropriate button to dismiss the announcement window.
   4. Near the top-right corner of the page, below the maroon banner, in the black bar, click Sign In.
   5. From the drop-down that appears, click Sign In.
   6. Type your credentials.
      
      1. In the Username text box, type your VT Username (PID), which is the first part of your @vt.edu email address.
      2. In the Password text box, type your VT Username (PID) passphrase.
      3. Click Login.
   7. If you have not yet registered for 2-factor, click Enroll.
   8. If you receive an automatic call or push notification, in the browser, click Cancel.
      (Do not complete authentication with your second factor, yet.)
3. In the Duo frame, under the Virginia Tech logo, click My Settings & Devices.
4. Complete the authentication with your second factor to access My Settings & Devices.
5. Follow the instructions in the Remove Device section on the Managing Your Devices page.

Top of the page

How Do I Set or Change the Default Duo Authentication Device?

1. In your browser, open a new Chrome incognito / Edge inPrivate / Firefox private window.
2. Start logging on to OneCampus.
   
   1.  Go to the OneCampus page.
   2. If the page appears dark with text overlaid, click anywhere on the page to dismiss the overlaid text.
   3. If any OneCampus announcements appear, after reading the text, click the appropriate button to dismiss the announcement window.
   4. Near the top-right corner of the page, below the maroon banner, in the black bar, click Sign In.
   5. From the drop-down that appears, click Sign In.
   6. Type your credentials.
      
      1. In the Username text box, type your VT Username (PID), which is the first part of your @vt.edu email address.
      2. In the Password text box, type your VT Username (PID) passphrase.
      3. Click Login.
   7. If you have not yet registered for 2-factor, click Enroll.
   8. If you receive an automatic call or push notification, in the browser, click Cancel.
      (Do not complete authentication with your second factor, yet.)
3. In the Duo frame, under the Virginia Tech logo, click My Settings & Devices.
4. Complete the authentication with your second factor to access My Settings & Devices.
5. Follow the instructions in the Default Authentication Options section on the Managing Your Devices page.

Top of the page

Why Does "Remember Me for 7 Days" Not Work, and Not Keep Me Logged in?

The "Remember me" functionality requires persistent cookies in your browser.  If your browser is not remembering that you checked the "Remember me for 7 days" box, then check the cookie settings of your browser. To find information on the cookie settings of your browser, click the following link to search Google: browser cookie settings.

Chrome's "incognito" setting, Firefox's "private window", and Internet Explorer's/Edge's "InPrivate" settings will cause the "Remember me for 7 days" feature to not work.

How Can I Use "Remember Me for 7 Days" while Blocking Cookies?

If you set your browser to block all cookies, the 'Remember me for 7 days' feature will not work. To fix this, allow "duosecurity.com" as an trusted exception. To do this:

• Edge:
  
  1. In Edge, in the top-right of the window, click the hamburger menu represented by three dots.
  2. Click Settings.
  3. Click on Cookies and site permissions.
  4. Click on the > at the end of Manage and delete cookies and site data.
     
  5. Click on Add in the Allow section
  6. In the Site: text box, type: duosecurity.com
  7. Click Add.
• Firefox:
  
  1. In Firefox, in the top-right of the window, click the hamburger menu represented by three horizontal lines.
  2. Click Settings.
  3. In the left pane, click Privacy & Security.
  4. In the Cookies and Site Data section, click Manage Exceptions.
  5. In the Address of website: text box, type: duosecurity.com
  6. Click Allow.
  7. Click Save Changes.
• Chrome:
  
  1. In Chrome, near the top-right of the window, click the hamburger menu represented by three horizontal dots.
  2. From the drop-down, click Settings.
  3. In the left hand menu click on Privacy and security.
  4. In the Privacy and security box click Cookies and other site data.
  5. Scroll down to Always clear cookies when windows are closed and click on the Add button.
  6. In the Add a site popup, in the Site text box, type: duosecurity.com
  7. Click Add.

Top of the page

Can I Use 2-Factor without a Mobile Device?

2-factor can be used with landlines and hardware tokens. Employees who have university landlines should enroll their landlines by following the instructions at Enrolling a Landline.

Although mobile phones, tablets and landlines are the preferred options, hardware fobs and tokens that use the OATH (HOTP or TOTP) and YubiKey AES protocols are supported.

Top of the page

What if I Don't Want the Duo App on My Phone?

You can use your phone as your second factor without using the Duo App. To do this:

• Enroll your smartphone or cell phone as Other (including cellphones) by following the instructions at Enrolling a Cellphone ('Dumb' Phone / Non-Smartphone). This will allow you to receive SMS codes or a telephone call to your phone and use the given code as your second factor.
• Enroll your smartphone or cell phone as Landline by following the instructions at Enrolling a Landline. This will allow you to receive a telephone call to your phone and use the given code as your second factor.
• Enroll a landline at your office or other location as Landline by following the instructions at Enrolling a Landline. This is useful when you are physically close to the telephone.

Top of the page

What if I Got a New Phone with the Same Phone Number?

• If you want to use a new phone that has the same phone number as the old phone:
  
  1. Install the Duo Mobile app on the new phone, by following the instructions at Enrolling a Smartphone, Tablet, or Mobile Device by Installing the Duo Mobile App.
  2. Follow the instructions at How Do I Reactivate the Duo Mobile App?
• If you get a new phone with a different phone number, enroll it by following the instructions at Enrolling a Smartphone, Tablet, or Mobile Device by Installing the Duo Mobile App.

Top of the page

How Do I Set a Token as My Default Authentication Device?

Duo does not provide the option to set a YubiKey, D-100, or other token as the default authentication method, because those devices are not capable of receiving an automatic prompt.

Only devices that can receive a notification (such as a smartphone with the Duo app or any type of telephone that can receive a voice call) can be your default authentication method.

However, you can authenticate with a YubiKey, D-100, or other token any time you are prompted for a second factor: click Enter a Passcode and then complete authentication with your token. If a push notification or automatic phone call has been sent, you can ignore that and authenticate with your token instead. The token does not need to be selected in the Device drop-down list in order for token authentication to work.

Top of the page

How Do I Enroll a Device without a Computer or When I Can't Scan the QR Code?

To activate Duo Mobile when you cannot get the barcode to scan, or when you only have access to a single screen or device:

1. Start enrolling a smartphone by following the instructions at Enrolling a Smartphone, Tablet, or Mobile Device by Installing the Duo Mobile App.
2. When you get to the QR code screen, depending on the type of device:
   
   • Smart phone:
     
     1. On the Activate Duo Mobile screen, tap Having Problems? We'll send you an activation link instead. (You may have to scroll down to see this link.)
     2. In the text box, type an email address that you can access with your mobile device.
     3. Tap Send email. You may need to scroll down to see all the instructions.
     4. You will receive an email from no-reply@duosecurity.com. Open that email on the device you want to activate.
     5. In the email, tap the activation link.
     6. If you see a message that says "Visit this link on your phone to add your account to Duo Mobile:", either your selection of platform was incorrect, or you have opened the email on the wrong device. To fix this, follow the instructions at this section from the beginning.
     7. If you see a Complete the action message:
        
        1. Tap Duo.
        2. Tap Always.
     8. You will see Account Added Successfully. Virginia Tech will appear in your Duo Mobile app. Tap Continue.
     9. Within the Duo window, you will see Device successfully enrolled. Under Enrolled Devices (PID), your device will be listed. You may need to scroll down to see the entire list.
     10. Tap Done. You will see the normal Duo login prompt.
   • Tablet:
     
     1. Select the radio button corresponding to the OS of your device.
     2. Tap Continue.
     3. On the Activate Duo Mobile screen, tap Having Problems? We'll send you an activation link instead.
     4. In the text box, type an email address that you can access with your device.
     5. Tap Send email. You may need to scroll down to see all the buttons.
     6. You will receive an email from no-reply@duosecurity.com. Open that email on the device you want to activate.
     7. In the email, tap the activation link.
     8. If you see a message that says "Visit this link on your phone to add your account to Duo Mobile:", either your selection of platform was incorrect, or you have opened the email on the wrong device. To fix this, follow the instructions in this section from the beginning.
     9. If you see a Complete the action message:
        
        1. Tap Duo.
        2. Tap Always.
     10. You will see Account Added Successfully. Virginia Tech will appear in your Duo Mobile app. Tap Continue.
     11. Within the Duo window, you will see Device successfully enrolled. Under Enrolled Devices, your device will be listed. You may need to scroll down to see the entire list.
     12. Tap Done. You will see the normal Duo login prompt.

Top of the page

How Can I Log in if the Account Was Accidentally Deleted or Removed from the Duo App?

• If you have another *previously-enrolled* device that can receive SMS texts from Duo:
  
  1. If you are or will be overseas the following steps may not work. For more information, see Authenticating without Internet, Network, or Cellular Service (International / Overseas).
  2. In your browser, open a new Chrome incognito / Edge inPrivate / Firefox private window.
  3. Navigate to the Duo My Settings & Device screen by authenticating with SMS codes.
     
     1. Start logging on to the service that you want, and when prompted, enter your VT Username (PID) and passphrase.
     2. If you receive an automatic call or push notification, in the browser, click Cancel.
        (Do not complete authentication with your second factor, yet.)
     3. In the Duo frame, under the Virginia Tech logo, click My Settings & Devices.
     4. When prompted to select your second factor, from the drop-down, select a device that can receive SMS text messages.
     5. Click Enter a Passcode.
     6. Near the bottom of the screen, in the blue bar, click Send codes or Text me new codes.
     7. On your phone, when a text message that starts with "SMS passcodes:" arrives, open that text message.
     8. In the Web browser, in the Enter your passcode text box, type one of the 6-digit passcodes from the text message you received.
     9. Click Log In.
  4. Add a device that can receive Duo Voice Calls by following the instructions at Enrolling a Landline.
  5. Use the Duo My Settings & Devices screen to delete the second factor that you accidentally deleted the account on by following the instructions at How Do I Remove or Delete an Authentication Device from My Duo Account?
  6. Add that device to your Duo account by following the instructions at Enrolling a Smartphone, Tablet, or Mobile Device by Installing the Duo Mobile App.
  7. To avoid this problem in the future, we strongly recommend enrolling at least two devices, one of which should be a phone, so that you can always get an SMS code to get in to manage your devices.
• If you do not have any previously enrolled second factor devices that can receive SMS text messages from Duo:
  
  1. You must *call* 4Help at 540-231-4357 and ask for a bypass code, because bypass codes cannot be sent via email or Web browser.
  2. Enroll an additional device, preferably a phone that can receive SMS or voice calls, by following the instructions at Enrolling and Setting up Duo 2-Factor Authentication.

Top of the page

What Do I Do after I Accidentally Deleted or Removed My Second Factor Device?

• If you have another *previously-enrolled* device that can receive SMS texts from Duo:
  
  1. If you are or will be overseas the following steps may not work. For more information, see Authenticating without Internet, Network, or Cellular Service (International / Overseas).
  2. In your browser, open a new Chrome incognito / Edge inPrivate / Firefox private window.
  3. Navigate to the Duo My Settings & Device screen by authenticating with SMS codes.
     
     1. Start logging on to the service that you want, and when prompted, enter your VT Username (PID) and passphrase.
     2. If you receive an automatic call or push notification, in the browser, click Cancel.
        (Do not complete authentication with your second factor, yet.)
     3. In the Duo frame, under the Virginia Tech logo, click My Settings & Devices.
     4. When prompted to select your second factor, from the drop-down, select a device that can receive SMS text messages.
     5. Click Enter a Passcode.
     6. Near the bottom of the screen, in the blue bar, click Send codes or Text me new codes.
     7. On your phone, when a text message that starts with "SMS passcodes:" arrives, open that text message.
     8. In the Web browser, in the Enter your passcode text box, type one of the 6-digit passcodes from the text message you received.
     9. Click Log In.
  4. Enroll the device by following the instructions at Enrolling and Setting up Duo 2-Factor Authentication
  5. To avoid this problem in the future, we strongly recommend enrolling at least two devices, one of which should be a phone, so that you can always get an SMS code to get in to manage your devices.
• If you do not have any previously enrolled second factor devices that can receive SMS text messages from Duo:
  
  1. You must *call* 4Help at 540-231-4357 and ask for a bypass code, because bypass codes cannot be sent via email or Web browser.
  2. Enroll an additional device, preferably a phone that can receive SMS or voice calls, by following the instructions at Enrolling and Setting up Duo 2-Factor Authentication.

Top of the page

Why Does 2-Factor Authentication Fail or Not Work with the Nuance Dragon 13 Web Browser Extension?

There are two separate solutions for both Firefox and Chrome: disable the extension, or use an incognito / private window. Each method is listed separately below.

Method 1 Google Chrome: Disable the Nuance Dragon 13 Web Extension

1. Remove the Dragon Web Extension. by following the instructions at Install and manage extensions, under the Manage your extensions heading.
2. Browse to the service again, and try logging in.

Method 2 Google Chrome: Use an Incognito Window

1. Start a Chrome incognito window.
2. Within the incognito window, browse to the service again, and try logging in.

Method 1 Firefox: Disable the Nuance Dragon 13 Web Extension

1. In Firefox, disable the Dragon Web Extension. by following the instructions at Disable or remove Add-ons.
2. Browse to the service again, and try logging in.

Method 2 Firefox: Use a New Private Window

1. Start a Firefox private window.
2. Within the Private window, browse to the service again, and try logging in.

Top of the page

Why Do I Get the D-100 Incorrect Passcode or Token Out of Sync Error Message?

Tokens can become out of sync if 20 different codes are displayed without using one of the codes to authenticate to Duo.

To fix this:

• • If you do not have access to a second factor other than your D-100, you must *call* 4Help at 540-231-4357.  Duo administrators will re-sync the token for you.
  • If you have access to a second factor other than your D-100:
    
    1. Log on to the Virginia Tech accounts site through OneCampus.
       
       1. Go to http://onecampus.vt.edu.
       2. If the page appears dark with text overlaid, click the page to dismiss the overlaid text.
       3. If any OneCampus announcements pop-up, after reading the text, click the appropriate button to dismiss the pop-up.
       4. Near the top-right corner of the page, click Sign In.
       5. From the drop-down that appears, click Sign In.
       6. Type your credentials.
          
          1. In the Username text box, type your VT Username (PID), which is the first part of your @vt.edu email address.
          2. In the Password text box, type your VT Username (PID) passphrase.
          3. Click Login.
          4. Follow the on-screen instructions to complete authentication with your second factor that is not your D-100.
       7. To the right of the OneCampus logo, in the What would you like to do? search box, type: account.
       8. On the keyboard, press Enter or Return.
       9. Click Manage Accounts.
    2. To the far right of 2-factor account, click Manage tokens.
    3. Under Enrolled Tokens, to the right of the serial number of the token that is out of sync, click Resync.
    4. In the three text boxes, type three consecutive 6-digit passcodes from the D-100.
    5. Click Resynchronize.

Top of the page

Why Am I Locked out of HokieServ or Web-CAT? Why Did I Get an Automatic Push when Trying to Log in to HokieServ or Web-CAT?

When you log on to either HokieServ or Web-CAT, after submitting your VT Username (PID) and passphrase, Duo will either auto-push or auto-call your default device. If you have not set a default device, Duo will either auto-push or auto-call the first device you enrolled with Duo.

To complete authentication, respond to the auto-push or auto-call by following the instructions at Authenticating using Duo 2-Factor Authentication.

When attempting to log on to either HokieServ or Web-CAT, your Duo account may become locked if:

• you do not have a smartphone with the Duo app installed that can receive Duo Push notifications, or a telephone that can receive automated voice calls from Duo,
• or if your enrolled devices are temporarily incapable of receiving an auto-push or an auto-call.

If you are locked out of your Duo account and thus unable to complete second factor authentication, you must *call* 4Help at 540-231-4357 to have an operator assist you in enrolling another device after verbally verifying your identity.

Top of the page

Search words: two-factor, two step, multi-factor, 2FA, sign in

Top of the page