Two-Factor Authentication (MFA) adds a second layer of security to your SJSUOne account.
By verifying your identity using a second factor (such as your mobile device or a
key fob), MFA prevents anyone else from logging into your account, even if they know
Who should use Duo MFA?
The CSU has licensed Duo MFA for all CSU employees and it is our goal to have all
SJSU employees enrolled in Duo by the end of the year, following a staged roll-out
as described below. Similar implementations of Duo are now taking place at all the
other CSU campuses. You can learn more about Duo MFA at Duo’s Guide to Two-Factor Authentication.
We have completed the first three phases of our implementation at SJSU, which started
early in 2018 with a pilot project of volunteer test users, and now includes the full
enrollment of all users of CFS and VPN services.
We are now proceeding with the next two phases of our implementation, by including
all Regular Staff, Student Employees and Faculty. To ensure an orderly and efficient
enrollment process through the IT Service Desk, we are scheduling these phases with the separate due dates below. After these dates,
enrollment in Duo MFA by each respective group will necessary in order to access online
resources accessed via your SJSUOne account:
All Regular Staff and Student Employees by May 1, 2019.
All Faculty by December 1, 2019.
How does Duo MFA work?
Two-Factor Authentication combines something you know (your username and password)
with something you carry (your Apple or Android smartphone, or a Hardware Token /
Key-Fob), to ensure that only you can log in to your SJSUOne account. After entering
your username and password you will be prompted to confirm your login, using your
Setting up Duo MFA
If you choose to authenticate with the Duo Mobile App on your Apple or Android smartphone, the final set-up is a self-service process. The IT Service Desk will contact you when your service has been activated. Following activation, at your
next web login, a series of prompts will guide you through the Duo Mobile enrollment
If you choose to authenticate with a hardware token (key fob), the IT Service Desk will let you know when your hardware token is ready to be picked up. After your hardware
token has been activated and issued to you, you will be prompted at each login to
enter the special security code provided by your hardware token.
Enable/Disable Auto-Push for MFA
Would like to speed up your login time with multi-factor authentication? Turn on auto-push
to automatically be prompted by the authentication method of your choice in the Duo
To turn on auto-push, follow the steps listed below:
- Visit the Multi-Factor Authentication Profile page.
- Enter your SJSU ID and password in the username and password fields. Click Login.
- Before Authenticating with MFA, Click My Settings & Devices under Settings.
4. Then complete your multi-factor authentication.
5. Under Default Device, select your default device from the drop-down menu.
6. Under When I log in, select the Automatically send this device a Duo Push option.
7. Click Save.
Using the smartphone app factor is covered by the CSU master license.
Hardware tokens (key fobs) are purchased by SJSU and provided to you. Replacements
are available for broken or lost fobs.
Contact the IT Service Desk at 408-924-1530.
Because Duo MFA is a security service, the IT Service Desk must confirm your identity before providing assistance.
Frequently Asked Questions