Two-factor authentication (2FA) secures your information by requiring two methods of identification to log in to a service. The two methods at the University of Delaware are a combination of your UDelNet ID and password, followed by a unique code that is sent directly to you. Faculty and staff with access to confidential information are required to register for 2FA.
While logging in to CAS or VPN using your UDelNet ID and UDelNet password, you will also type an authentication code that you receive, either by text message, voice message, the Google Authenticator app, or a University-issued fob.
Register for 2FA through My UD Settings.
There are three methods of receiving your authentication code.
This option works well with all UD 2FA services, including UD's VPN service. If you choose this option, you will need to download the Google Authenticator app from either Google Play (for Android users) or the App Store (for Apple iOS users). Google Authenticator works on all mobile devices, including Wi-Fi only devices (e.g., iPod Touch).
If you choose this option on the My UD Settings page, you will receive your authentication code through a text message or voice message sent to the phone number you provided.
To receive authentication codes with a fob, approval is required from a person that may authorize chargebacks to a department--there is a $18.60 one-time charge for the initial fob and a $18.60 charge for each replacement. Most fobs have a 3 to 5 year life, do not have replaceable batteries, and are tamper-resistant.
To request a fob, complete the IT 2FA Fob Request form. Requests without purpose code information will be rejected.
Each fob is linked to one and only one person. They are not shareable.
At least two phone numbers are required as back up methods for receiving your 2FA code to ensure you can always access UD secure services, even if your primary method of authentication is not voice or text message.
In addition, you are encouraged to provide the phone number of trusted friends, family, or co-workers as another back up method, in the event you do not have access to your primary 2FA method or back up phones.
During the registration process, the second step will direct you to print out a series of scratch codes that will each allow you one-time access to your account in the event that all of your other methods of authentication are unavailable. It is highly recommended that you print out the scratch codes during 2FA registration.
If you are unable to print the codes out during the registration process, you can log in to My UD Settings and click Manage my two-factor authentication settings to access the codes at a later time.
When you are prompted for your 2FA code while logging in to a UD service, you can select the option to Remember this browser. Doing so will allow you to use those secure services using that browser for several days without having to enter a second method of authentication. After several days the code will expire and you will need to generate a new code to log in to these services. You should only "remember this browser" on personally-owned devices or devices to which you alone have access.