For security, SF State protects sensitive data using two-factor authentication. SF State employees who access sensitive data to perform work will need to install Duo, the SF State application for two-factor authentication, and provide a second credential before access is granted.
Duo setup will begin automatically the first time you log in to a protected resource. It is recommended that you set up your smartphone with the Duo Mobile application installed as the primary device with which you will authenticate. For redundancy and convenience, additional devices can be set up with the Duo Mobile application, such as a tablet or another smartphone.
- Begin login at https://2FA.sfsu.edu
When the Protect Your SF State Account message appears, select Start setup
Select the type of device you will be using to complete your authentication; a mobile phone or tablet is preferred. Select Continue.
- Follow the on-screen instructions to configure Duo. These will vary depending on the type of device you selected. You will be asked for your Device type (e.g., iOS, Android, Windows Mobile).
If required, follow the on-screen instructions to install the Duo App on your mobile phone or tablet. When installed, click I have Duo Mobile installed, scan the barcode, and click Continue.
On the My Settings & Devices screen, select Duo Push (cell and tablet only) and select Save
- Click Continue to Login
NOTE: To update your Duo settings after your initial setup, begin a Web login process again. After entering your password, you will see the Duo options screen.
TEST YOUR TWO-FACTOR AUTHENTICATION
- Using a web browser, go to https://2fa.sfsu.edu.
- Log in to the SF State Global Login page.
- Follow the instructions to authenticate.
- If successful, you will see a web page that says "You have successfully completed 2 Factor Authentication Login"
For applications requiring 2FA, the general procedure is as follows once you reach the SF State Global Login page:
Log in to the SF State Global Login page using your SF State credentials:
Use one of the following as your second password:
- Duo Mobile Application Code: Enter the code from the Duo application on your mobile phone or tablet as a second password. The code below is only an example of what a code would look like - do not use it as your code.
- Push Notifications to Duo App: Enter push as the second password to push a login request to the Duo app on your mobile phone or tablet. Review the request on the Duo application on your mobile phone or tablet, then tap to Respond, and then tap Approve to authenticate:
DON'T HAVE A SMARTPHONE?
If you do not have a smartphone or tablet, you must request a hardware token here to use for authentication. You will be notified when your hardware token is ready to be picked up at the ITS Service Desk.
- Hardware Token Code: Press the button on your hardware token to get a code and enter that code as a second password
LOST OR STOLEN SMARTPHONE, TABLET, OR HARDWARE TOKEN?
RETURNING YOUR HARDWARE TOKEN TO ITS:
If you no longer need or are no longer using your hardware token, please return it to the ITS Service Desk in Admin 110.
Duo's Guide to Two-Factor Authentication
Check the Duo guide at https://guide.duo.com/ for more detailed information.
Updating Your Duo Settings
To update your Duo settings, visit https://2fa.sfsu.edu. After entering your credentials in the SF State Global Login screen, you will see the Duo settings screen.