Inside Luther Seminary

Inside Luther Seminary

Office of Technology

Duo Multi-Factor Authentication FAQs

Luther Seminary is improving account security by continued implementation of Multi-factor authentication (MFA) as one of several requirements of our cybersecurity insurance renewal.

Global Protect and Duo Mobile

When?

To meet our cybersecurity insurance requirements, MFA was first implemented prior to March 1, 2021 for VPN connections. In 2022 use was expanded to more services as noted below.

Multi-factor authentication strengthens account security by using a second source of validation, like a phone or token, to verify your identity before granting access. Luther Seminary is implementing multi-factor authentication for VPN and services that use your Luther Seminary login. This will minimize the risk of a security breach and reduce information security insurance costs.

Who does this affect?

This affects all users of systems that use a Luther Seminary login, including the Global Protect VPN which is required for these resources off-campus:

  • Luther Seminary network drives
  • Jenzabar
  • Laserfiche
  • Phone system
  • Starting June 29, 2022 for faculty and staff
    • All online services that login through the Luther Seminary login page. These include moodle, Gmail, and Zoom.
  • Starting December 19, 2022 for students
    • All online services that login through the Luther Seminary login page. These include moodle, Gmail, and Zoom.

Users will still be able to access some resources from on-campus without multi-factor authentication. Online or web-based resources will still require multi-factor authentication on campus.

Why now?

The protection of the private information of Luther Seminary community members is of critical importance to the Office of Technology (OT). As data breaches become more sophisticated and common, our approach to information security must also evolve.  Multi-factor authentication has been on the OT roadmap for some time, though this recent change in cyber insurance requirements has sped up the timeline. Implementing multi-factor authentication is one way to satisfy regulatory and insurance requirements for data protection.

How does it work?

  • You’ll be invited by email to enroll a phone, smartphone, tablet or other device with Duo.
    • The smartphone application offers quick notifications and authentication. You’ll download the Duo Mobile app from your device’s app store and follow the instructions to connect it to your Luthersem account.
    • If you do not have a smart phone you can contact the helpdesk about other options for authenticating.
  • When you connect to the Global Protect VPN, or SSO apps such as Google Apps for Education (email, calendar, drive) or Moodle, you’ll be asked to choose an authentication method.
    • Duo Push – open the notification on your phone and choose Accept
    • Passcode – you can generate a one-time use access code within the Duo mobile app. To login, you’ll enter your username and then “password, accesscode” in the password field.

Frequently Asked Questions

Learn more in the official Duo Guide

What is Duo and how does it work?

Duo is a two-factor authentication provider that helps to secure access to applications. After entering your regular Luther Seminary username and password, a second layer of security takes place where you are asked to prove your identity with a pre-registered Duo device such as a smartphone.

Why is Luther Seminary using Duo?

Due to the global prevalence of security breaches in recent years, Duo is being used as an additional measure to protect Luther Seminary services. Adding a second factor of authentication for logins greatly improves security. It would be much more difficult for a hacker to both know your password and have possession of your phone or other device.

Do I need to use a smartphone with Duo?

The Duo Mobile smartphone app is the recommended method since it is flexible and easy to use to authenticate. If you don’t have a smartphone, please contact the helpdesk to discuss alternative methods.

How does Duo work with my phone?

Duo can use a phone as a second factor of authentication, through the Duo Mobile smartphone app. The smartphone app is recommended for ease of use, as it only requires tapping to accept or deny the login.

Does Duo make any changes to my smartphone or allow Luther Seminary to control other information on my phone?

No, installing Duo Mobile only serves to provide a second layer of authentication for Luther Seminary services. Permissions used by the application are limited to those required for this purpose and to ensure that the device is not already compromised.

What if I don’t have a screen lock or passcode on my phone?

In order to add a device to support Duo logins, you will need to first setup a screen lock, passcode, or biometric security on your phone before authenticating to Luther Seminary services.

What devices can I use with Duo?

Duo supports authentication through Android and iOS smartphones and tablets, as well as physical authentication tokens. The Duo Mobile app on smartphones and tablets is the easiest, quickest, and most flexible method to use and is therefore recommended. The other options are more difficult requiring manual generation and entry of a changing passcode, and also incur additional costs to the Seminary upon each authentication.

Will Luther Seminary be making additional security changes?

Yes. Luther Seminary IT will continue to track cybersecurity trends and make necessary changes to help ensure the security of the data you have access to (your own and potentially our students). In the months to come, more changes will be made including the retirement of outdated systems and integrating more systems into our MFA environment.