Body
Purpose:
For any calls or tickets involving students, faculty, staff, alumni, former students, applicants, vendors, or guests requesting a bypass code or changes to their DUO account, please follow the procedure below to assist them properly and securely.
Steps Taken:
Important Security Notice
Before proceeding with any DUO-related changes, please inform the user that password resets cannot be performed in combination with DUO updates over the phone. These actions must be handled separately and may require in-person verification. If a user requests assistance with both at the same time, kindly explain that, for security reasons, both cannot be processed over the phone and advise them to visit in person.
Step 1: User Verification
To verify the user's identity, ask for the following five pieces of information:
- Date of Birth
- Phone Number on File in DUO
- Phone Number in Campus Solutions (or SIV 2.0)
- Personal Email Address
- Physical Address
- Last Four Digits of Social Security Number
✅ The user must be able to verify at least four of the six items above.
⚠️ If the user can verify only three or fewer, do not proceed. Politely inform the user that they will need to call back with the correct and complete information.
Step 2: Modify DUO Account
Once verified:
- Delete the phone number listed in DUO.
- This forces the user to re-enroll and set up DUO as a new user.
- Check for and delete any "Desktop Authenticators".
- Removing these eliminates the need for a bypass code and prevents unauthorized logins.
Step 3: DUO Setup Instructions
Guide the user through the DUO re-enrollment process. Instruct them to select only one of the following authentication methods during setup:
- Phone Number (SMS or Call)
- DUO Mobile App
❌ Instruct the user not to select any other authentication methods, as doing so may result in an incorrect setup.
Please ensure all steps are followed carefully to protect user accounts and maintain compliance with UHD security policies. For questions or escalations, contact a supervisor or the appropriate support lead.
Q & A
🔍 Frequently Asked Questions (Q&A)
Q1: Can I help a user with both a DUO reset and a password reset during the same call?
A: No. For security reasons, DUO changes and password resets cannot be handled together over the phone. Each request must be addressed separately, and one or both may require in-person verification.
Q2: What if the user can only verify 3 out of the 6 identity questions?
A: You must politely inform the user that you cannot proceed. Ask them to gather the correct information and call back when they can verify at least 4 of the 6 required items.
Q3: What happens when we delete the user’s phone number in DUO?
A: Deleting the phone number forces DUO to treat the user as new, prompting re-enrollment with a fresh setup. This helps resolve issues with locked or outdated DUO configurations.
Q4: Why do we delete desktop authenticators?
A: Removing desktop authenticators ensures old or unauthorized devices can no longer approve logins and prevents the user from needing a bypass code in the future.
Q5: Which DUO authentication methods are allowed during re-enrollment?
A: Only the following:
-
DUO Mobile App
-
Phone (Call or SMS)
Other methods should not be selected, as they may lead to incorrect setup or security risks.
Q6: Who can I contact if I'm unsure or need help with a DUO issue?
A: Reach out to a supervisor or the designated support lead for further guidance or escalation.