Cisco Duo Updates banner

Duo Verified Push Notifications Further Secure SMU Accounts

Cisco Duo Logo (2 color)With malicious actors continuing to get better at exploiting weaknesses in security features, SMU will soon require a Verified Push from Duo Security to increase the protection of our push-based multi-factor authentication (MFA) solution and protect your account from unauthorized access.

With the popularity of push notifications for securing accounts, cybercriminals have begun using push harassment, the act of sending successive push notifications to annoy you enough to accept a push for a fraudulent login attempt, and push fatigue, the onslaught of constant MFA approvals causing you to pay less attention and mindlessly accept a push login—including ones from a fraudulent login attempt, to gain access to secured accounts. To combat this nuisance, the new Verified Push will require you to enter a six-digit numeric code with any push notification. By using a verification code, we ensure only verified users can log in and reduce the chances of someone absent-mindedly accepting a push they did not request.

Duo Verified Duo Push
Duo’s Verified Duo Push Example

These Push Notifications will arrive on your phone or other authentication device but with a new prompt to enter the unique code. It is important to remember not to provide the unique code to anyone! When the bad actors cannot enter the unique code in the Duo app, the attack is immediately stopped, and they don’t gain access to the campus network and resources.

Other authentication methods, like a hardware token or other hardware authentication device, will continue functioning as usual. However, the manual passcode function will no longer work once the Verified Push is enabled for campus on October 30, 2023. However, you may not see these new prompts immediately on devices where you have told Duo to “Trust this device.” Trusting a device will allow you to be able to avoid having to enter the code each time you log in on that device for 30 days.

So, be prepared when logging into SMU services by keeping your Duo device nearby! If you have any questions, as always, the IT Help Desk is here for you.

Updated with additional information: October 17, 2023

Print Friendly, PDF & Email

Published by

Zach Peterson

Zach is a Senior IT Training & Communications Consultant with OIT. Zach began his SMU career at the IT Help Desk in 2012 and joined the Training & Communications Team in 2015. He is a 2011 graduate from the University of North Texas and obtained a Master of Liberal Studies degree from SMU in 2018. He enjoys reading and collecting vintage and antique radio sets. He grew up in Valley View, Texas near Denton.

IT Connect is published by the Office of Information Technology at Southern Methodist University.


Office of Information Technology
Copyright © Office of Information Technology, SMU
smu.edu/help  | 214.768.HELPhelp@smu.edu