2FA is required for all active student, staff, faculty, sponsored affiliates accounts and retirees to promote a safer online environment and to help safeguard York and the community's information security and privacy. This is particularly important during the pandemic and resultant remote working/learning, which has seen a dramatic increase in cyber-criminal activity and risk.
Helpful tips: - Do NOT delete the Duo Mobile app after completing the 2FA Setup. - Duo and Touch ID can only be used for web-based logins and will only work in Google Chrome 70 or later. - Enable the 30-day "Remember Me" option by checking the box at login time to reduce how often 2FA is required on a particular trusted device. - If you have multiple accounts and want to use the same authentication device, please read this FAQ.
What is 2FA?
Two-factor, two-step, or multi-factor authentication (MFA) is a security process that requires you to use two different authentication factors (methods) to verify your login. Think of your first factor as the lock on the front door of your house and the second factor as the door's deadbolt. The first factor is your Passport York password, and the second factor is a push notification, a code or call sent to your cellphone or a physical security key inserted into your computer. Two-factor authentication is the most effective way of protecting both your credentials and the resources you access with those credentials. With two-factor authentication, you can ensure that all your data remains safe, even if your password is compromised.
Why Do I Need This?
Two-Factor authentication adds an additional layer of protection to your accounts and the data you access through them. The easiest way for malicious hackers and phishers to access York's systems and data is by hijacking your account. With two-factor authentication, you are protecting yourself and your community against these sorts of attacks and ensuring each link in our security chain is strong.
How Does It Work?
Enter your Passport York username and password
Use one of the Duo Supported Devices to verify your identity
You are securely logged in
When will I be prompted to authenticate with 2FA?
After you complete your 2FA Setup, you will be prompted to authenticate with 2FA every time you log in to Passport York web services and Office 365.
When will 2FA be activated?
Active Staff, Faculty and Students have been activated for 2FA as of April 2021.
New Students, Staff and Faculty members are activated on a daily basis.
UIT recommends enrolling your smartphone with the Duo app for ease of use and best experience. If you don't have a smartphone, you can order your Duo hardware token at the YorkU Bookstore. When completing your Duo token order, please use your York University email address.
Once two-factor authentication is activated for your account, you have 14 business days to complete your setup. If you've ordered a duo token, your grace period will be extended to 30 days.
Please note that the instructions on this page are intended for first-time setup of 2FA. If you have already completed your setup, and want to add additional devices, please stop and read the FAQ on "How to add a new device?"
To begin, please choose one of the instructions below.
