Beginning May 2024, users of George Mason University’s Two-Factor Authentication (2FA) application, Duo Mobile, will begin noticing additional security features to improve protection against phishing attacks. Users will now verify their identity through a verification code for Push Notifications. Verification codes will be added gradually to Mason user Duo accounts throughout the summer.
The update improves security by requesting a three-digit code in addition to approving access through the Duo app. The change requires deliberate action by users before allowing access to their accounts and data. Instead of verifying identities by selecting the “Deny” or “OK” button on the Duo app, users will be provided a three-digit code to access applications.
The introduction of the code allows you to connect to the system you are accessing with the Duo Push Notification. This addresses ‘push fatigue’ when some users casually approve a Duo push, even if they did not request it. The addition of the verification code protects you from approving login requests not made by you and helps keep your accounts and information safe.
Here’s what you can expect to see once verification codes have been added to your account:
When you log into Mason applications, you will see this
In the Duo app on your phone, you will be asked to put in the three-digit code to verify your identity
If the device you are authenticating on belongs to you, clicking yes will provide you access for 14 days
If you have questions or need assistance, please contact the ITS Support Center at 703-993-8870 or support@gmu.edu.