Two Factor Authentication (2FA), what does it look like?

by Ryan Johnson

Now that Two-Factor Authentication (2FA) is up and running for users that have enrolled at Penn State, what does it look like?

When you first log into any application behind WebAccess, you will presented with your normal WebAccess login screen, simply login as normal:
webaccessduo

Note: The User Id field will appear to have a default userid (xyz500) already entered, simply add your userid.

You will then be presented with an additional authentication screen. Choose from your enrolled devices and how you want to receive the Second-Factor notification.
mobile1

  • If you are using a smartphone or tablet, the Duo Push option is recommended (See examples below).
  • You can also generate a passcode from the Duo App on your device by opening the app and clicking on the key symbol located in the upper-right hand corner:
    codegenerate
  • If you are choosing a landline, you can choose to receive a phone call or you can also generate a code from the Duo App as well.

After selecting the method you want, click on Log In. If you choose to receive the Duo receive push notification it will look something like this on an Android device:
Picture1

Or if you are using an iPhone or iPad it will look like this:
ipadduo

Simply Approve the notification and you will then be automatically logged into WebAccess on your computer or device.

If you are using a landline and receive a phone call, simply select any number on your keypad to accept the authentication.

For further assistance, please use the following resources:

Library Specific FAQ
Identity Services FAQ

2 thoughts on “Two Factor Authentication (2FA), what does it look like?

  1. rxj15

    2FA is voluntary for Retirees even after it becomes mandatory for those with the Faculty/Staff affiliation. However, Retirees who need access to secure systems that are under 2FA will need to enroll. That does not include WebAccess. While WebAccess has 2FA enabled, it does not require a second factor for everyone and has the capability of allowing certain groups through who are not required to enroll in 2FA (e.g., students, retirees, FPS, etc.) There are some systems that require a second factor of authentication through Duo 2FA without any exceptions. For example, the College of Engineering Junos VPN, RCC Clusters, LionPath, etc. If Retirees need access to any of these secure systems, then they will need to enroll in 2FA.

Comments are closed.