Multi-Factor Authentication

Protect your Duke accounts using Multi-factor authentication (MFA), also called advanced or two-step authentication. MFA provides an additional layer of security when logging in or performing transactions online and at Duke.

When logging in using MFA, a user is required to authenticate their identity using a second factor, typically via a phone or separate passcode.

MFA is required at the university when you access Work@Duke human resources tools. All Duke Medicine network and clinical systems must be enrolled in MFA in order to access the Duke Medicine VPN, as well as Citrix.

The IT Security Office strongly recommends using multi-factor authentication when using all NetID protected services.  It is especially recommended for access to critical systems or systems storing sensitive data per the ITSO Security Standards.