2-Step Tips and Best Practices
Don't get locked out of your CalNet account on finals week because you dropped your phone in a puddle!
You can and should enroll more than one device in your 2-Step account. We recommend you print or save your bypass codes, enroll every device you can, and try using them all to see what feels most comfortable for you. You can get help from the IT Service Desk if you are unable to log in, but it can take a couple days to regain access. Avoid this hardship by being prepared.
Using the Duo Mobile app to send a Push is the easiest way to do a 2-Step! Just set up your smart phone. The next time you arrive at the 2-Step screen, if Duo Push is your default authentication choice, you will receive a notification on your phone.
Why is Push the best? Check out this informative fact sheet from Duo -- you'll agree with us, Push is the way to go!
Please note that is it important that the Duo app remains up to date for key functionality. We recommend that everyone enable auto-updates for the Duo app.
What if you left your phone (or other verification device) at home? If you have bypass codes, you can still log in. We recommend printing bypass codes and storing them in a secure location as soon as you set up 2-Step. Get your passcodes from CalNet Account Manager. Go here to find out how.
If you don’t want to do the second step verification each time you log in, you can have 2-Step remember you for 30 days on a specific computer and web browser. How? The next time you get prompted to do the 2-Step, select the "Yes, Trust Browser" button after completing the 2-Step. "Yes, Trust Browser" is a web browser cookie, so it applies only to the computer and browser that you are currently working in -- if you select the button on your work computer, your home computer won't remember you. You can select "Yes, Trust Browser" on any computer that you use regularly and that you trust. Don't select "Yes, Trust Browser" on a public or shared computer!
Now that you've set up 2-Step, you can use Duo to add the security of 2-factor authentication to other important accounts -- such as your Amazon, Coinbase app, or bank accounts. In general, you would log in to the service you want to use Duo with, find the Advanced Security Settings, and then enable 2FA, or 2-factor authentication using the same method of scanning a QR code that we used to set up 2-Step for CalNet. Check out this blog post on how to use Duo for your Amazon account.