As of May 2024, users of George Mason University’s Two-Factor Authentication (2FA) application, Duo Mobile, have additional security features to improve protection against phishing attacks. Users now verify their identity through a verification code for Push Notifications.

The update improves security by requesting a three-digit code in addition to approving access through the Duo app. The change requires deliberate action by users before allowing access to their accounts and data. Instead of verifying identities by selecting the “Deny” or “OK” button on the Duo app, users will be provided a three-digit code to access applications.

The introduction of the code allows you to connect to the system you are accessing with the Duo Push Notification. This addresses ‘push fatigue’ when some users casually approve a Duo push, even if they did not request it. The addition of the verification code protects you from approving login requests not made by you and helps keep your accounts and information safe.

When you log into Mason applications, you will see this

In the Duo app on your phone, you will be asked to put in the three-digit code to verify your identity

If the device you are authenticating on belongs to you, clicking yes will provide you access for 7 days

If you have questions or need assistance, contact ITS Support at 703-993-8870 or request help.