For security, SF State protects sensitive data using two-factor authentication. SF State employees who access sensitive data to perform work will need to install Duo, the SF State application for two-factor authentication, and provide a second credential before access is granted.
Beginning January 15, 2020 SF State staff will be required to use 2FA when accessing web applications and services via the SF State Global Login. Faculty accounts will be scheduled sometime later in 2020 in collaboration with our partners in Academic Affairs. Student accounts will be assessed after staff and faculty have been on-boarded.
Duo setup will begin automatically the first time you log in to a protected resource. It is recommended that you set up your smartphone with the Duo Mobile application installed as the primary device with which you will authenticate. For redundancy and convenience, additional devices can be set up with the Duo Mobile application, such as a tablet or another smartphone.
- Begin login at https://2FA.sfsu.edu
When the Protect Your SF State Account message appears, select Start setup
Select the type of device you will be using to complete your authentication; a mobile phone or tablet is preferred. Select Continue.
- Follow the on-screen instructions to configure Duo. These will vary depending on the type of device you selected. You will be asked for your Device type (e.g., iOS, Android, Windows Mobile).
If required, follow the on-screen instructions to install the Duo App on your mobile phone or tablet. When installed, select I have Duo Mobile installed, scan the barcode, and select Continue.
On the My Settings & Devices screen, select Duo Push (cell and tablet only) and select Save
- Select Continue to Login
NOTE: To update your Duo settings after your initial setup, begin a Web login process again. After entering your password, you will see the Duo options screen.
Test Your Login with Two-Factor Authentication
- Using a web browser, go to https://2fa.sfsu.edu.
- Log in to the SF State Global Login page.
- Follow the instructions to authenticate.
- If successful, you will see a web page indicating Authentication with Duo is completed.
For applications requiring 2FA, the general procedure is as follows once you reach the SF State Global Login page:
Log in to the SF State Global Login page using your SF State credentials:
Use one of the following as your second password:
- Duo Mobile Application Code: Enter the code from the Duo application on your mobile phone or tablet as a second password. The code below is only an example of what a code would look like - do not use it as your code.
- Push Notifications to Duo App: Enter push as the second password to push a login request to the Duo app on your mobile phone or tablet. Review the request on the Duo application on your mobile phone or tablet, then tap to Respond, and then tap Approve to authenticate:
DON'T HAVE A SMARTPHONE?
If you do not have a smartphone or tablet, you must request a hardware token to use for authentication. You will be notified when your hardware token is ready to be picked up at the ITS Service Desk.
- Hardware Token Code: Press the button on your hardware token to get a code and enter that code as a second password
LOST OR STOLEN SMARTPHONE, TABLET, OR HARDWARE TOKEN?
RETURNING YOUR HARDWARE TOKEN TO ITS:
If you no longer need or are no longer using your hardware token, please return it to the ITS Service Desk in Admin 110.
Duo's Guide to Two-Factor Authentication
Check the Duo guide at https://guide.duo.com/ for more detailed information.
Still have questions? Take a look at our FAQ page or contact the Service Desk using the contact information listed below.