Setting up MFA via Duo for the first time
Multi-factor Authentication helps protect your account by requiring something else in addition to your password to log you in. Someone may have your password, but unless they also have the second factor, they can't get into your account.
CC has chosen to partner with Duo to provide this functionality, and here's how to set it up for the first time. There are multiple ways to use Duo, but we chose to model the instructions based on what we consider the preferred way of using it (via the "push" functionality of the mobile app).
Even though there are many steps, they go by pretty quickly and, once set up, the system is quite easy to use.
On a computer
show all / hide all
On your mobile phone
show all / hide all
Back to your computer
On your phone
More information
From now on, when you sign into single sign in, you'll see a screen in which you can choose from several options. Pick "Send me a push" to use the one-touch option on the app we just set up, or you can have it call you or text you with a one-time code you can enter.
You can also set up additional devices, choose a default authentication method, and more. We'd recommend adding at least one more device (maybe an ipad or a second phone, for example), but the more options you have, the better.
We also offer Duo hardware tokens in certain cases, which are small devices that fit on a keychain. You press the button and it displays a code for multi-factor authentication. These are good options for traveling internationally or other out of the ordinary cases.
Additional information and troubleshooting
A few important notes and common issues you might come across
- If you are in a situation where you need to log in and you don't have a second device, click the "Duo (MFA) Bypass Code Generator" link just below the prompt for username and password. Here you can generate a temporary bypass code so you can still log in.
- Once MFA is set up on your account, you'll need to go through the second factor of authentication at least once on all your devices where you use an email application (like Outlook on your PC/Mac/Smartphone). In most cases you will be prompted for this, but sometimes it won't prompt you and will instead fail and send you an email on that device saying that "IT has blocked the device."
- For smart phones in particular, if you use an app for your CC email and/or calendar, start by removing that account and re-adding it. That process should prompt you to sign in and do the second factor, and then it will be a trusted app from that point on.
- The default "Mail" app on android devices will not work with MFA at all. In this case, your best option is to use the Outlook app instead.
- The "Mail" app on Mac OSX does not support MFA if you aren't on at least Mac OSX 14.4. In that case, you can either update to at least that level or switch to Outlook instead.