What is Duo Two-Factor Authentication?

Two-factor authentication (2FA) adds an extra layer of protection to your online accounts. By requiring not just a password, but a second form of verification, 2FA makes it harder for unauthorized individuals to gain access to your accounts., even if they somehow obtain your password.

In HKMU, we implemented a 2FA system, powered by Duo Security, to enhance the security for staff to login sensitive online applications. A user is required to complete a simple Duo 2FA Self-Enrollment setup procedure. Then, the user can use his/her enrolled device to accept a push notification or get a one-time passcode to complete the second authentication challenge while logging to 2FA enabled applications.

2FA

A Self-services on 2FA can let staff to "Manage Enolled Mobile Devices" or generate a "Bypass Code" if you don't have the enrolled mobile device on hand when performing 2FA authentication.

To understand more about the 2FA service, access the User Guide and the FAQ on the 2FA service can help.

 

Duo 2FA Self-Enrollment

Enroll

Enroll Your First Mobile Device


Follow the "Quick Guides" instructions to perform the enrollment.

Notice:

1. Download and install the "Duo Mobile" App (by Duo Security LLC) from Apple "App Store" or Google "Play Store" on your mobile phone.

2. You DO NOT NEED to provide mobile phone number, click "I have a tablet" when asking to "Enter your phone number" during the enrollment process. Click here to start to enroll first mobile device.

I hava a tablet
 

Self-services on 2FA

Manage Enrolled Mobile Device

Manage Enrolled Mobile Device

a. You can add a new mobile device, remove or replace your enrolled device in Duo 2FA.

b. Click here to manage your device.

Generate Bypass Code

Generate Bypass Code

a. A Bypass Code allows you to login 2FA enabled application in case your enrolled mobile device is not available to use.

b. A Bypass Code can only be used to login one-time within 1 hour after generated.

c. Click here to create a one-time Bypass Code.

 

2FA Enabled Applications

Major web applications will be selected to implement the two-factor authentication in stages.

Currently, the following application is protected by Duo 2FA:

Announcement will be made in due course when IT systems will be enabled with 2FA.

 

FAQ

Click here to find out more questions about the two-factor authentication (2FA) service.

Do you require to provide register your mobile phone no. when enroll first mobile device?

Ans.: No

Does the 2-Factors authentication method - "Duo Push" require the internet or mobile network connection?

Ans.: Yes

How to perform 2FA if you are at overseas and without the network connection in your mobile phone?

Ans.: Use the Duo Mobile Passcode (6 digits) in Duo App to complete the 2FA.