Starting Feb. 1, the "Call Me" option for two-factor authentication will no longer be available. Please start using "Duo Push" the recommended authentication method. If you are currently using the "Call Me" option, please contact your LAN Manager for information on converting to a key fob (hardware token).
In order to provide added security Western Michigan University offers two-factor authentication (2FA). 2FA provides an extra layer of security by requiring something you know (your password) along with something that you have (your mobile device) to access an online application or service. 2FA is currently offered as an option on WMU's VPN.
KEY FOB (HARDWARE TOKENS)
A key fob, also known as a hardware token, will be provided to staff without smartphones or tablets who use applications or services that require 2FA to access. Users of 2FA required applications or services will be provided a key fob at no cost. Those that want to use the key fob for non-required 2FA applications or services will be charged $10. Duo guide for using 2FA key fob (hardware token). "Duo Push" is the recommended authentication method for those with smartphones or tablets.
2FA Mobile App Setup
Note: We recommend that 2FA setup first be done on a computer.
You will be prompted to setup 2FA the first time you log into an application or service that has been enabled for 2FA. Since all users have access to 2FA on the VPN, we recommend initial setup be done there.
- Login to internal.vpn.wmich.edu/2fa (internal/on-campus) or vpn.wmich.edu/2fa (remote/off-campus) and you will be prompted to enroll a device for two-factor authentication.
- Click Start setup to begin enrolling your device.
- Choose Mobile Phone when asked which type of device you are adding. Click Continue.
- Select your country from the drop-down list and type your phone number. Use the number of your smartphone that you would like to use for two-factor authentication. If you're enrolling a tablet you aren't prompted to enter a phone number. Click Continue.
- Choose your device's operating system and click Continue.
- Install Duo Mobile. Duo Mobile is an app that runs on your smartphone and helps you authenticate quickly and easily. Without it you'll still be able to log in using a text message, but for the best experience we recommend that you use Duo Mobile. Click I have Duo Mobile Installed.
- Activate Duo Mobile. On iPhone, Android, and Windows Phone activate Duo Mobile by scanning the barcode with the app's built-in barcode scanner. The Continue button is clickable after you scan the barcode successfully.
- Configure Device Options (optional): If this is the device you'll use most often with two-factor authentication then we recommend you enable automatic push requests by clicking the When I log in: drop -down and changing the setting to Automatically send this device a Duo Push and click Save.
- Click Continue to login and proceed to the Duo Prompt. Your device is ready to approve two-factor authentication requests. Click Send me a Push to give it a try. All you need to do is tap Approve on the Duo login request received at your phone.
2FA KEY FOB (HARDWARE TOKENS) SETUP
2FA key fob, or hardware tokens, are setup by security administrators. If your key fob has not been setup, please contact the OIT Help Desk.