How to Catch a Thief with Duo

“Credential thieves” find ways to steal usernames and passwords all the time. Whether a thief tricks you into providing your login information, or they hack a system, once a bad actor has what they need, your information and entire systems are at risk.

Duo, the multi-factor authentication application used at UConn, can stop a thief in their tracks, but only with your help. Duo serves as your second line of defense against unauthorized access (good passwords are your first)! After you enter your password, you then authenticate with Duo, verifying your identity for a second time. If you EVER receive a prompt from Duo that you DID NOT initiate, you must deny that prompt because this is an indicator that your credentials are compromised. When you deny Duo, you are catching the credential thief in the act, and blocking them from taking further action. It is common for these thieves to enter your credentials multiple times in hopes that you become “fatigued” from the notifications and just approve a Duo push out of frustration and annoyance.

A legitimate Duo push tells you what services you are attempting to log into, such as UConn 2FA Single Sign On, and the approximate location of the access request. If you did not initiate a login, and you randomly receive push to your phone, or come across a page requesting a Duo token/code, follow these steps to protect your account:

  • Deny the Duo prompt.
  • If asked by Duo if the activity is suspicious, press yes.
  • Visit to change your password.

You must change your password if you experience suspicious activity, such as an unauthorized Duo notification, because it means your credentials are compromised. Passwords are the first line of defense, but they only offer protection if they are hard to crack and known by only you. Follow these password practices to hinder credential theft from the start. And remember to NEVER approve a Duo push or enter Duo codes when you did not initiate a login.