Multifactor Authentication at Pitt (Duo) | University of Pittsburgh

You are here

Multifactor Authentication (Duo)

Be Aware: Only Approve Duo Prompts That You Initiate

Duo helps ensure that the person logging into your account is really you. If you get a Duo prompt at any time other than when you are actively logging into a system, it should raise the alarm bell. It is a sign that someone has gotten hold of your username and password, and is trying to access your account. You should deny any Duo prompt you didn't initiate by clicking the red Deny button. Then change your password and alert the 24/7 IT Help Desk that your account may have been compromised. 

Quick Links: Key Benefits I Getting Started I More How-to I Videos

Password + Verification = AccessMultifactor authentication, provided by Duo Security, adds another layer of security to your online accounts when using Pitt Passport by requiring two “factors” to verify your identity when you log in to a service: something you know (such as your password) and something only you have (such as your mobile phone, on which you will receive a login confirmation notice). 

Threats from phishing scams, malicious software, and compromised passwords are constantly increasing and pose an immediate risk to your privacy and the security of University data. In response, the University has added multifactor authentication to all services that use the University’s single sign-on service, Pitt Passport. When accessing a service you will be prompted to enter your username and password on the Pitt Passport login page and complete the login process with multifactor authentication.

Key Benefits

  • Designed to prevent unauthorized access to your information and University data, including confidential retirement account details, pay statements, and direct deposit information.
  • Protects your privacy regardless of what type of device you use to access Pitt Passport services and regardless of whether you access Pitt Passport services while connected to the University’s wired network, the University’s wireless network, or an external network.
  • Provides several options for your second authentication factor, including options that enable you to use multifactor authentication when you are in an area without wireless access or cell phone service (see the Frequently Asked Questions below for details). 

Get Started in 3 Easy Steps

  1. Decide what type of device or method to register as your primary means to authenticate. Refer to our Multifactor Authentication Options Guide or check the guidelines below. 
    * NOTE: Duo has ended mobile app support for iOS 11 and Android 7 (or older) operating systems, and the app cannot be downloaded onto these devices. The app will continue to work on devices that already have the app installed, but no support is available and new features may not work. We recommend that users upgrade their device to the latest OS.
  2. Register your devices and/or method (Mobile phone(recommended), tablet (iPad, Nexus 7, etc.), Landline, Security Key (YubiKey, Feitian, etc.), or Touch ID).
    *NOTE: It is STRONGLY recommended to register more than one device or method: You will need to authenticate from your backup device/method in the case of a lost or stolen primary device, or if you have upgraded or purchased a new phone and have not registered it for multifactor authentication yet.
    A. Log in to the Manage My Account service via My Pitt (
    B. Click Login & Security then Add/Manage Pitt Passport Devices and complete the steps.
    Note:Watch our video or refer to the detailed instructions below.
  3. Log in to a Pitt Passport service using the device you registered and select Send Me a Push, Call Me, or Enter a Passcode. 
         Note: See detailed instructions below. 

More Ways to Get the Most from Multifactor Authentication

Video Resources