Skip to main content

Two-Factor Authentication (2FA)

two-factor authentication logo

Two-Factor Authentication (2FA) adds a second level of verification when logging into designated websites, online services, and select MC applications. MC began adding 2FA, provided by the vendor, Duo, to protect critical MC applications and services in 2017. We are continually increasing the use of 2FA to protect existing applications and adding it to new services as appropriate. This added layer of security will help to decrease account compromises and identity theft, provide real-time alerts for password protection, and allow you to use your mobile device or tablet to easily confirm your login requests. 

ENROLL TODAY!

Enrollment Guides 

Available in multiple languages

Supported Devices

Below is a list of supported devices you can enroll in 2FA. If you have multiple devices, it is recommended that you enroll more than one device, so you have a backup in case of emergency. You may add as many devices as you like to your account:

  • iPhone
  • Android
  • Generic cell phones
  • Tablets
  • U2F Authenticators (i.e. YubiKey)
  • Hardware Token (contact IT Service Desk if mobile devices are not available)
Manage Your Devices

Need to make changes, add a device or update your registered Duo device? Visit the MC Device management portal. You will be directed to the MyMC login page, then prompted to enter your username and password, then authenticate with 2FA.

Set Up Duo Push

Did you know that Duo Push, MC’s Two-Factor Authentication (2FA) solution is a more convenient way to authenticate than SMS Passcodes?  Do yourself a favor and download the Duo Mobile app from your smartphone app store. Duo Push works by sending you a “Push” request. A simple “tap” to approve the login request is all it takes to authenticate.  The benefits of using the Duo Mobile app include:

No need to check a text message to gain a passcode
Internet access or cell reception not available? No problem! 
Tap your MC account in the Duo Mobile app to reveal the six-digit authentication passcode.
Set up is easy: Follow the Duo Push Instructions (PDF, Get Adobe Acrobat PDF Reader.-Link opens in new window.) .

Frequently Asked Questions

Overview

Two-Factor Authentication (2FA) adds a second level of security during the login process to help prevent anyone other than you from accessing systems storing sensitive data. This is accomplished using 2 layers of security to verify your identity when logging into a system:

1. Enter your username (your MyMC ID) with your password

2. Use a physical device such as your cell phone, tablet, or landline phone to confirm your identity

The device that is most convenient for this purpose is a cell phone with the Duo Mobile app installed on it. Alternatively, a text message can be sent with a one-time passcode for you to type in.

MyMC, Microsoft 365 (M365) email, OneDrive, Virtual Private Network (VPN) and other select single sign-on (SSO) applications and online services such as Adobe, IT Service Desk, TMA (facilities), ADAstra, MiniTab, and MC Academic calendar (provided by Dude Solutions).

Once you access an application or service protected by 2FA you will enter your login credentials (username and password) and then be prompted for 2FA. 
Your authentication options are:

Duo Push
Offered by the Duo Mobile app installed on your mobile device. When logging to a 2FA protected application you will receive an authentication request on your Duo Mobile app.  You will “tap” Approve, or Deny if you are not the one attempting to authenticate. Once you “Approve” you will gain access to the application or system.

Passcode from Duo Mobile app or SMS Passcodes
You may choose “Duo Mobile passcode” from the Duo Mobile app and enter the Passcode to authenticate or choose “Text message passcode” and enter the Passcode you receive via SMS.

Security Keys 
Security keys such as, YubiKey, may be used to authenticate.  The device is inserted into your USB port and the user “taps” the device to approve the authentication.

Hardware Tokens
Hardware tokens are available to users who do not have a mobile device.  Please contact the IT Service Desk as needed.

Yes. It is recommended that you register more than one device, in case you lose the primary one.

Each time you authenticate to a Duo enabled application, i.e. MyMC, M365, or VPN, you will be prompted to authenticate with 2FA. However, you may select the “Yes, trust browser” option to skip Duo authentication for 7 days for the application when you login again with the same browser and device.

 Note: Do not trust the browser when using a public or shared computer! This could leave your application/session available to other users.

You can manage your devices by visiting the MC Device Management Portal. The system will prompt you to authenticate first and then you may choose to edit the existing device or add a new device.

Authentication Methods

The new Duo Universal Prompt is set up to remember your previous authentication method used and will default to that method by automatically sending that method.  For example, if your last authentication method was Duo Push, the system will automatically send this same method on future authentications.

To choose a different authentication method, choose “Other options”.

Note: MC has requested from Duo a feature request to not use the automatic default. Once we hear of any updates on this request, we will communicate the changes collegewide.

After entering your username and password, you can authenticate by:

Duo Push 
This is the recommended option, offered by the Duo Mobile app installed on your mobile device. When logging to a 2FA protected application you will receive an authentication request on your Duo Mobile app. You will “tap” Approve, or Deny if you are not the one attempting to authenticate. Once you “Approve” you will gain access to the application or system.

Passcode from Duo Mobile app 
You may choose “Duo Mobile passcode” from the Duo Mobile app and enter the passcode to authenticate. Note this a helpful option in cases where you do not have  cell reception or WIFI signal.

SMS Passcodes
You may choose  “Text message passcode” and enter the passcode you receive via SMS. Note that starting April 2, 2024 this option is not available for VPN users. IT Security is working on phasing out SMS passcodes entirely.  These changes will be communicated to all employees and students before the changes are made.

Security Keys
Security keys such as, YubiKey, may be used to authenticate.  The device is inserted into your USB port and the user “taps” the device to approve the authentication.

Hardware Token
Hardware tokens are available to users who do not have a mobile device. Please contact the IT Service Desk as needed.

Follow the Duo Push instructions (PDF, Get Adobe Acrobat PDF Reader.-Link opens in new window.) for setup.

Almost none. 500 pushes to your device will use 1 MB of data in total. This is roughly equivalent to loading one webpage on your smartphone.

Troubleshooting and Common Issues

Contact the IT Service Desk (240) 567-7222 and request a one-time passcode.

Lost or stolen Duo 2FA registered devices need to be removed from Duo as soon as possible.  Please notify the IT Service Desk (240) 567-7222  immediately and request they remove the device for you.

No problem. Tap the MC icon in the Duo Mobile app to generate an authentication passcode.  You do not need an internet connection or a cellular signal to generate a passcode.

You must register your new device in the MC Device Management Portal. You will need to verify your identity first. Contact the IT Service Desk (240) 567-7222 to receive a one-time passcode to register your phone.

Duo Mobile app – generate a passcode, even without an internet connection. Just tap the MC icon within in the Duo Mobile app to reveal the passcode.

This works anywhere, even in places where you don’t have cell service.

You may also use a tablet. You may register multiple devices with your account.

If you do not have a mobile device contact the IT Service Desk (240) 567-7222 and request a hardware token.