Skip to content Skip to navigation

Two-Step Authentication Service Enhanced

December 18, 2014


Stanford University IT

Two-Step Authentication Service Enhanced

Last weekend, University IT rolled out the new Two-Step Authentication service powered by Duo Security. With this enhancement to the service, you have new options for two-step authentication, including:

  • Duo push notification — A push notification is sent to your smartphone or tablet. No more typing in codes!
  • Duo passcode — A six-digit authentication code is generated on your smartphone or tablet and you simply type the code in WebLogin to authenticate. Internet or cellular access is not required.
  • Phone call — You receive an automated phone call to a number you designated earlier. After answering, you press any key to confirm your identity and authenticate.

You can still use SMS text message, Google Authenticator (if you had already set it up prior to this service upgrade) and Printed List (though this will be phased out in 2015 and replaced by a hardware token that generates authentication codes).

A couple of other great features of the new service are:

  • a backup option that allows you to use a secondary two-step authentication device if your primary device is not available; and
  • a self-service "one-time-use" passcode option that allows you to generate an authentication code when you don't have access to your primary or secondary two-step authentication device (e.g., you left your smartphone at home). You must have your Stanford ID card available to complete the passcode.

Additionally, with the university now using Duo, faculty, staff, or students who have a dual affiliation with Stanford Children's Health can use the Duo app to authenticate in the same way with either institution's systems by simply adding an account to the Duo app. Stanford Health Care is currently testing Duo. When it goes live, Stanford community members can add the SHC account to their Duo app as well.

Please go in to and try any of the new methods and set up your backup device. Encourage your staff and colleagues to do the same. The instructions are available from the new Two-Step Authentication service site.

You may also notice that University IT updated the look of WebLogin. The new screens now align with Stanford's latest identity guidelines.

We hope you find the new Two-Step Authentication service and the new WebLogin screens make it easier for you to help us protect Stanford's data and resources.

If you have any questions, please submit a help request.