image of the Duo Security logo

Amherst College has activated two-factor authentication (2FA) using Duo Security. 2FA provides additional login security and also protects you if your account is compromised by a phishing attack.

2FA will become mandatory on the following schedule:

  • All staff: August 29, 2019 (completed)
  • All faculty: September 24, 2019
  • All Amherst College students (except those abroad): September 24, 2019

If you have not enrolled by the deadline, you will be unable to log into a Duo-protected service. Instead, you will be redirected automatically to the enrollment page until you do enroll. To maintain uninterruped access to College web services we strongly recommend that you enroll in Duo well before the deadline.

2FA is used on most Amherst College web-based services, including Moodle, Gmail and other Google apps, and the Amherst website, and on many Amherst third-party services such as Slate (Admission) and Handshake (Loeb Center). (In tech speak, 2FA is enabled on all college web services that are "shib-enabled;" i.e, the ones that use the purple login screen.) 2FA is not used for computer logins; it only protects logins to services hosted on websites.

Several older web-based systems--ACDATA in particular--are not compatible with Duo. As we replace these older systems with up-to-date ones such as Workday, the services they offer will automatically come under the Duo umbrella.

2FA is not required by alums, Five College students, parents and friends, retirees and emeriti, etc. It is for the use of Amherst students and employees only.

How it Works

Once you are enrolled in Duo, you'll see an extra login screen after you enter your Amherst username and password on a protected service. You'll then be promped to take a specific action to complete the login process. The action you take depends upon the devices you activate when you enroll in Duo. These include responding to a "push request" sent to your smartphone, responding to a phone call placed to your office phone, or entering an automatically-generated passcode. Once you've satisfied this "second factor," you'll be logged into the web service.

How to Enroll

Enrolling only takes a few minutes. Here's what you will need at hand: 

  • a computer
  • a phone--preferably a smartphone, but any phone will work, including a land line. You can also use an iOS or Android tablet or a USB security key
  • your Amherst ID card

Note that if you have an iPhone or iPad, or an Android phone or tablet, it saves time if you install the Duo Mobile app from the Apple or Google store before you begin the enrollment process.

Access the Amherst College Duo Enrollment Page

Although Duo works all over the world, we suggest that you enroll while in the United States so the Help Desk can more easily provide support if you need it. If you will not be in the country before your enrollment deadline, please fill out the Duo Exception Form.

If you don't have access to a phone or other device required for 2FA, or for some other reason don't think you can use 2FA, please fill out the Duo Exception Form.

The following video is generic but nonetheless a good introduction of how you enroll a smartphone. 

Help with Duo

If you stop by the Help Desk in Seeley Mudd any workday between 7:00 AM and 4:30 PM we will be happy to help you enroll in Duo. Be sure to bring your phone and Amherst ID with you!

See the IT Training and Events Calendar for upcoming Duo Information and Training sessions.

If you have any problems with self-enrollment or with using Duo, please contact AskIT

More Information

Frequently Asked Questions about 2FA at Amherst: Will Duo work while you're abroad? What happens if you forget your phone? Answers to these and many other questions.

Duo Exception Form: Let us know about circumstances and concerns that may prevent you from using 2FA. Such circumstances could be temporary or permanent.

How to Enroll a Security Key: A security key is a small USB device that lets you satisfy 2FA requests with the press of a button.

What is 2FA?: A video from Duo explaining the rationale behind two-factory authentication.