Purdue University Northwest / News / Announcements / Changes to Duo Multi-Factor Authentication

Changes to Duo Multi-Factor Authentication

March 14, 2025
A view of the PNW Bell Tower with the Nils K. Nelson Bioscience Innovation Building behind it.
+ Share This Story

Good afternoon,

Starting at 8 a.m. on Friday, March 21, 2025, Purdue IT will enable Duo Verified Push notifications for Purdue University services utilizing Purdue Single Sign-On (SSO). Examples include Brightspace, SuccessFactors, MyPurdue, etc. This will primarily impact faculty, staff and students at Purdue University West Lafayette and Purdue Northwest.

If you typically use the Duo Push method when logging in to a Purdue University service utilizing Single Sign-On, the Duo browser prompt will now include a three-digit verification code.

Screenshot of the Purdue University Duo Single Sign-On interface providing a code to enter on the user's mobile device.

On your mobile device, the Duo notification will ask for the three-digit code. Enter the three-digit code and tap Verify to authenticate.

Screenshot of a user entering a Duo-generated code into their mobile device.

This additional step is designed to better secure the authentication process and help prevent unauthorized two-factor approvals.  This change does not impact other methods of Duo two-factor authentication, which will remain available.

Entering the Verification Code on Apple Watches

You will still be able to enter the verification code on your Apple Watch to accept a push.

  • Type: If you are presented with a full QWERTY keyboard, note that it may be challenging to input the code.
  • Sketch: Use your finger to sketch each digit of the code in the designated area below the Reply field. You may need to tap “scribble” to have the option to sketch the code.
  • Dictate: The microphone icon can be tapped to speak the code aloud for it to be transcribed.

You’ll only see the Duo request on your watch when your phone is locked. Notifications won’t go to your Apple Watch when your phone is unlocked.

Use the Current Version of Duo Mobile

To use Duo Verified Push, a supported version of Duo Mobile must be installed and activated on your mobile device:

  • Duo Mobile 4.16.0 or later on Android 8 or later.
  • Duo Mobile 4.17.0 or later on iOS 13 or later.

Users with an older version of Duo Mobile will receive a Duo Push request without the code entry field. When you try to approve, then the login will fail, and you will see a message instructing you to update your software.  If you cannot update, please select another method or reach out to the CSC for assistance.

Why Are We Making This Change?

The verification code option for Duo Push provides additional security against push harassment and fatigue attacks by asking the user to enter a verification code while approving a Duo Push authentication request. It also provides improved fraud reporting from end users by directing them toward the fraud report option in Duo Mobile when they receive unexpected Duo Push login requests.

Questions?

Check out our Duo Verified Push FAQs

You can also review the Duo documentation for more details.

If you have additional questions, please submit a ticket by emailing csc@pnw.edu.

Customer Service Center
Information Technology, Purdue University Northwest

+ Share This Story