Skip to Content
Department of Information Technology

Five Duo Habits to Keep Your Information Safe

laptop with DUO push activated

As Cybersecurity Awareness Month continues, the Department of Information Technology is spotlighting one of the most effective tools for protecting personal and institutional data: multi-factor authentication (MFA).

MFA adds an extra layer of defense by requiring users to verify their identity in more than one way before gaining access to an account. This additional step makes it significantly harder for attackers to break in, even if a password is stolen or compromised.

At Seton Hall University, Duo Two-Factor Authentication (2FA) provides that safeguard. By prompting a second verification such as a push notification to a registered device, Duo helps block unauthorized access and keeps sensitive information secure.

Consider This Everyday Scenario

You are rushing between classes, juggling your bag, coffee and a quick text from a friend. In the middle of it all, your phone buzzes with a Duo Push notification. Distracted, you tap Approve without thinking. What you may not realize is that a cybercriminal is attempting to log in with your stolen password. With that single tap, the criminal gains access to your email, financial aid details and course materials, leaving your personal information exposed and your account compromised.

It takes only a second of distraction for an attacker to break through. Duo is designed to stop them, but its effectiveness depends on you. Taking a moment to review the login request can mean the difference between blocking an attack and letting one succeed.

Five Duo Habits for Stronger Security

Cybercriminals know Duo is effective, so they try to trick you into handing over access. These tips will help you stay protected:

  1. Use Duo Push as your default method: Duo Push is safer and more reliable than text messages or phone calls, which can be intercepted or redirected. With Duo Push, the request goes directly to your app and provides the clearest way to approve or deny access. 

  2. Approve only when you are logging in:  If you get a Duo notification you did not expect, deny it immediately. Hackers may also try “MFA fatigue” attacks by sending repeated prompts in the hope you approve one out of frustration. Denying these requests will alert IT Security to investigate. 

  3. Watch for suspicious requests: Cybercriminals may pose as IT staff and ask for your Duo code or push approval. No Seton Hall employee will ever ask for your code. Deny the attempt, change your password and report it to the Technology Service Desk.

  4. Check login details carefully: Duo shows the time and location of login attempts. If they do not match your activity, deny the request and update your password.

  5. Keep your devices up to date: Log in to PirateNet and open the Duo 2FA app to add, remove, or update devices, re-register the Duo Mobile app or change device options. If you upgrade to a new smartphone, you will need your old phone or the original phone number to authenticate and complete the setup. Keeping your devices current ensures uninterrupted protection.

For step-by-step instructions and additional tips, explore the Duo Two-Factor Authentication guide. By making these habits part of your routine, Duo becomes more than just a login step. It becomes the safeguard that protects your information.

Categories: Science and Technology

For more information, please contact:

NEWS CATEGORIES