Multi-Factor Authentication

For Students, Faculty, Staff, Delegates, Alumni


Multi-Factor Authentication (MFA) or two-factor authentication (2FA) provides your password-protected online accounts at Fordham with an additional layer of security.


Verifying your identity using MFA reduces the risk associated with unauthorized access to your accounts, should your passwords ever be compromised. Fordham’s MFA service is provided by Duo Security, a trusted company used by many higher education institutions.

All active online accounts (students, faculty, and staff) are required to enroll in MFA. You will be asked to enroll in MFA via an email from Duo Security or when you first encounter an MFA-enabled application through a browser. You are strongly urged to enroll multiple phones and devices as a backup. If you need assistance with any aspect of MFA, please contact the IT Service Desk.

Help Enrolling a New Device

If you need assistance enrolling a new device in Multi-Factor Authentication, please call the IT Service Desk at 718-817-3999.

MFA Resources

MFA User Guide (PDF)
Hardware Token User Guide
How to Set Up Multi-Factor Authentication (Video)

Using MFA

Workflow diagram for DUO authenthication
  • To log into a Fordham system, enter your Fordham Username and password, as usual.
  • If you log in to or another Fordham system, use your phone or tablet to verify your identity when prompted by Duo.
  • Securely complete the login process.

You may opt to have your authentication remembered for 30 days when using the same browser on the same device.

Phones and Devices for Verifying Your Identity

A smartphone, landline, cell phone, tablet, or, in some situations, a hardware token may be used to verify your identity for MFA. You can set up multiple options for authenticating, such as a mobile phone and a landline, two different mobile devices, or a landline and a hardware token when traveling.

Multiple Ways to Verify Your Identity

Push notifications to smartphones and tablets
With the Duo MFA mobile app, Duo Mobile, a notification is pushed to you in response to an authentication request you approve or deny.

SMS passcodes
An SMS text message is sent to your registered mobile device. Enter the passcode when you receive the Multi-Factor prompt during the login process.

Mobile passcodes
Similar to SMS, the Duo MFA mobile app, Duo Mobile, generates a new, unique passcode to enter when you receive the Multi-Factor prompt.

Phone callbacks
Your enrolled phone number is called. Answer the phone, listen to the whole message, and press a specific number to complete the login. In addition to the "access number," you will be given another number to press to report a fraudulent call regarding your login. The numbers may change periodically.

Hardware tokens
The hardware token is a small device you carry. Pressing a button on the token generates a new passcode that you type into the Multi-Factor prompt. To request a hardware token, call the IT Service Desk or use the Tech Help tab at (if it’s your first time using the tab, make sure your browser can allow pop-ups for this page.) All requests for hardware tokens must be approved by the Associate Vice President’s Information Security and Assurance. A $20 fee will be charged for lost tokens. For more details, consult the Hardware Token User Guide.

Devices Supporting MFA

  • Smartphones, including Android, iOS, and Windows phones
  • Tablets, including Android and iOS tablets
  • Cell phones
  • Landlines
  • Hardware tokens

Need Help?

Walk-In Centers

McShane Center 266 | RH
Leon Lowenstein SL18 | LC

View Our Walk-In Hours