Multi-Factor Authentication
Overview
Multi-factor authentication (MFA) or two-factor authentication (2FA) provides your password-protected online accounts at Fordham with an additional layer of security.
Features
Verifying your identity using MFA reduces the risk associated with unauthorized access to your accounts, should your passwords ever be compromised. Fordham’s MFA service is provided by Duo Security, a trusted company used by many higher education institutions.
All active online accounts (students, faculty, and staff) are required to enroll in MFA. You will be asked to enroll in MFA via an email from Duo Security or when you first encounter an MFA-enabled application through a browser. You are strongly urged to enroll multiple phones and devices as a backup. If you need assistance with any aspect of MFA, please contact the IT Service Desk.
Help Enrolling a New Device
If you need assistance enrolling a new device in Multi-Factor Authentication, please call the IT Service Desk at 718-817-3999.
MFA Resources
MFA User Guide (PDF)
Hardware Token User Guide
How to Set Up Multi-Factor Authentication (Video)
How to Set Up Your Biometrics (Video)
Using MFA
- To log into a Fordham system, enter your Fordham Username and password, as usual.
- If you log in to Fordham.edu or another Fordham system, use your phone or tablet to verify your identity when prompted by Duo.
- Securely complete the login process.
You may opt to have your authentication remembered for 30 days when using the same browser on the same device.
Phones and Devices for Verifying Your Identity
A smartphone, landline, cell phone, tablet, or, in some situations, a hardware token may be used to verify your identity for MFA. You can set up multiple options for authenticating, such as a mobile phone and a landline, two different mobile devices, or a landline and a hardware token when traveling.
Multiple Ways to Verify Your Identity
Push notifications to smartphones and tablets
With the Duo MFA mobile app, Duo Mobile, a notification is pushed to you in response to an authentication request you approve or deny.
SMS passcodes
An SMS text message is sent to your registered mobile device. Enter the passcode when you receive the Multi-Factor prompt during the login process.
Mobile passcodes
Similar to SMS, the Duo MFA mobile app, Duo Mobile, generates a new, unique passcode to enter when you receive the Multi-Factor prompt.
Phone callbacks
Your enrolled phone number is called. Answer the phone, listen to the whole message, and press a specific number to complete the login. In addition to the "access number," you will be given another number to press to report a fraudulent call regarding your login. The numbers may change periodically.
Hardware tokens
The hardware token is a small device you carry. Pressing a button on the token generates a new passcode that you type into the Multi-Factor prompt. To request a hardware token, call the IT Service Desk or use the Tech Help tab at Fordham.edu (if it’s your first time using the tab, make sure your browser can allow pop-ups for this page.) All requests for hardware tokens must be approved by the Associate Vice President’s Information Security and Assurance. A $20 fee will be charged for lost tokens. For more details, consult the Hardware Token User Guide.
Devices Supporting MFA
- Smartphones, including Android, iOS, and Windows phones
- Tablets, including Android and iOS tablets
- Cell phones
- Landlines
- Hardware tokens