| Title | Multi-Factor Authentication Procedure |
| Owner | Information Technology Services / Chief Information Security Officer |
| Effective Date | November 14th, 2025 |
| Contact | techsupport@uconn.edu or security@uconn.edu |
| Official Web | https://security.uconn.edu/ |
University Approved Multi-Factor Authentication (Non-Administrative Users)
DUO is the University approved Multi-Factor Authentication application.
Users shall maintain a device capable of performing authentication via DUO.
University Approved Multi-Factor Authentication (Administrative Users)
DUO is the University approved Multi-Factor Authentication application for administrative users, for all systems excluding Office 365 and Azure.
Administrative users shall maintain a device capable of performing authentication via DUO and where required Microsoft Authenticator.
For Administrative users logging into systems via Office 365 or Entra AD, Microsoft Authenticator is the University approved Multi-Factor Authentication application. Where Microsoft Authenticator is used, DUO is not required to be used as Microsoft Authenticator satisfies the Multi-Factor Authentication requirement.
Use of strong authentication
In all systems, users shall select the strongest Multi-Factor Authentication method available.
Authentication methods shall be ranked in the following order:
- Hardware Tokens
- Verified DUO Push/Microsoft Authenticator Number Entering Push
- DUO Push
- TOTP DUO Mobile Code
- SMS and/or Phone call
The use of phish-resistant Multi-Factor Authentication shall be required for administrative access to Office 365 and Entra AD.