2FA Account Services Had Moved to Password Website

On Sunday, August 1, 2021, the services provided within the Two-Factor Authentication (2FA) Account Management website (2faaccount.gmu.edu), including 2FA enrollment, bypass codes, and device management, were moved to the Patriot Pass Password Management Website (password.gmu.edu). Information Technology Services made this change to improve the customer experience and centralize processes related to maintaining your Mason credentials. See the ITS Bulletin for more details.

Service Summary

Mason uses Duo Security to deliver Two-Factor Authentication (2FA) when using your NetID and Patriot Pass Password to log in to Mason applications. This second layer of protection makes your personal information and Mason’s information less vulnerable. Note: Blackboard/myMason does NOT require 2FA at this time.

2FA is required for all Mason users, including students, faculty, staff, and contractors/affiliates.

Key Features

2FA uses two factors to verify you are who you say you are. 2FA makes your personal information less vulnerable and helps prevent anyone but you from accessing your accounts, even if they know your Patriot Pass Password.

  • The first factor (something you know) is the verification of the Mason NetID and Patriot Pass Password, and
  • The second factor (something you have) is generally a smartphone, but other options are available

Getting This Service

Getting Started Checklist

A phone is needed for enrollment. Select the from instructions below based on the type of device you will be using:

Once enrolled, you will log in to applications by entering your NetID and Patriot Pass Password (first factor) and then confirm your identity using a physical device (second factor). The physical device may be a smartphone, tablet, bypass code, or Yubikey (See the List of Authentication Options).


This service is available 24/7, excluding planned outages, normal maintenance windows, and unavoidable events. Maintenance windows are Sundays from 7 to 11 a.m. but may be extended to 2 p.m., if needed. If maintenance is required outside of these hours, it will be announced on the Alerts & Bulletins page.