Page Settings

  • Show menu: true
  • Use horizontal menu: true
  • Show sidebar: left
  • Skip to main content

     


    TwitterFacebook
    719.389.6449 (during business hours)
    After hours emergency phone
    For after-hours help with Canvas, call Canvas Support at 855.740.0505

    ITS@coloradocollege.edu
    Solutions Center in Tutt Library
    first floor on the east side

    Mon-Fri: 8 AM - 5 PM

    Multifactor Authentication (MFA) via Duo

    Setting up MFA via Duo for the first time

    Multifactor Authentication helps protect your account by requiring something else in addition to your password to log you in. Someone may have your password, but unless they also have the second factor, they can't get into your account.

    CC has chosen to partner with Duo to provide this functionality, and here's how to set it up for the first time. There are multiple ways to use Duo, but we chose to model the instructions based on what we consider the preferred way of using it (via the "push" functionality of the mobile app).

    Even though there are many steps, they go by pretty quickly and, once set up, the system is quite easy to use.

    Once MFA is enabled on your account (you'll get notification):
    • First, go to https://www.coloradocollege.edu/ssi on a computer using the Chrome or Firefox web browser, click "Check Email (Office365)," and log in with your CC username and password as you normally would.
    • Second, you'll see an intro screen - click "Start Setup"
    • Third, select the type of device you are adding. Choose "Mobile Phone" and click "Continue" then enter your mobile phone number.
    • Fourth, choose the type of phone (in this example, we're using an android phone).
    • Fifth, you'll see a screen prompting you to install the "Duo Mobile" app on your phone. At this point, leave your computer and pick up your phone.

    On your phone:

    • First, open the google play store (or the app store on an iPhone)
    • Second, search for "Duo Mobile" (note that "Duo" and "Duo Mobile" are different apps, so make sure to choose "Duo Mobile"
    • Third, tap "install" and then "open" when it's finished installing (the app is completely free, takes very little room, and uses very little bandwidth).
    • Fourth, tap the small "+" icon in the upper right corner to add your device to your account
    • Fifth, point the camera at the QR code on your computer screen - it will automatically read and link your account to the phone

    Now, back to your computer:

    • Sixth, you should see a green checkbox and can now click "Continue"
    • Seventh, you'll see one final screen summarizing that you've set up a mobile phone and can choose "continue to login.

    On your phone:

    • Finally, you will get a notification for a login request - just tap the "approve" green check mark and you're done!

    From now on, when you sign into single sign in, you'll see a screen in which you can choose from several options. Pick "Send me a push" to use the one-touch option on the app we just set up, or you can have it call you or text you with a one-time code you can enter.

    You can also set up additional devices, choose a default authentication method, and more.

    Add at least one additional device

    It's important to add at least one additional device (for example, imagine you lose your cell phone or leave it at home one day). In this example, we'll add an office landline phone as an additional device.

    • First, go to https://www.coloradocollege.edu/ssi on a computer using the Chrome or Firefox web browser, click "Check Email (Office365)," and log in with your CC username and password as you normally would.
    • Second, sign in and when prompted to select your MFA method, click the "Add a new device" link on the left side instead.
    • Third, click "Send Me a Push" and approve it on your mobile phone so you're fully logged in.
    • Fourth, select which type of device - in this case, we're doing "landline"
    • Fifth, type your phone number and click continue
    • Sixth, you're all finished! You'll see a confirmation of the second device added to your account, and can select it as your authentication option at any time in the future. If you do, you'll receive a phone call which will read you out a code to type in to complete the authentication.

    That's one additional device but we'd recommend adding at least one more (maybe an ipad or a second phone, for example).

    We also offer Duo hardware tokens in certain cases, which are small devices that fit on a keychain. You press the button and it displays a code for multi-factor authentication. These are good options for traveling internationally or other out of the ordinary cases.
    DuoToken

    Additional information and troubleshooting

    A few important notes and common issues you might come across

    • Once MFA is set up on your account, you'll need to go through the second factor of authentication at least once on all your devices where you use an email application (like Outlook on your PC/Mac/Smartphone). In most cases you will be prompted for this, but sometimes it won't prompt you and will instead fail and send you an email on that device saying that "IT has blocked the device."
    • For smart phones in particular, if you use an app for your CC email and/or calendar, start by removing that account and re-adding it. That process should prompt you to sign in and do the second factor, and then it will be a trusted app from that point on.
    • The default "Mail" app on android devices will not work with MFA at all. In this case, your best option is to use the Outlook app instead.
    • The "Mail" app on Mac OSX does not support MFA if you aren't on at least Mac OSX 14.4 (which is quite recent). In that case, you can either update to at least that level or switch to Outlook instead.