This site requires JavaScript to be enabled
An updated version of this article is available

Set up two-factor authentication (2FA) through the Duo Mobile app

290 views

26.0 - Last modified on 01-08-2025 Revised by Joseph Casciano

25.0 - Last modified on 06-13-2024 Revised by Lindsey Pockl

24.0 - Last modified on 06-13-2024 Revised by Lindsey Pockl

23.0 - Last modified on 06-11-2024 Revised by Joseph Casciano

22.0 - Last modified on 06-11-2024 Revised by Joseph Casciano

21.0 - Last modified on 06-11-2024 Revised by Joseph Casciano

20.0 - Last modified on 04-25-2024 Revised by Lindsey Pockl

19.0 - Last modified on 10-26-2023 Revised by Lindsey Pockl

18.0 - Last modified on 09-27-2023 Revised by Lindsey Pockl

17.0 - Last modified on 07-06-2022 Revised by Joseph Casciano

16.0 - Last modified on 07-06-2022 Revised by Kenji Kono

15.0 - Last modified on 07-05-2022 Revised by Kenji Kono

14.0 - Last modified on 06-01-2022 Revised by Joseph Casciano

13.0 - Last modified on 03-22-2022 Revised by Joseph Casciano

12.0 - Last modified on 11-23-2021 Revised by Tamara Will

11.0 - Last modified on 11-23-2021 Revised by Tamara Will

10.0 - Last modified on 11-05-2021 Revised by Joseph Casciano

9.0 - Last modified on 10-12-2021 Revised by Sarah Cooper

8.0 - Last modified on 09-08-2021 Revised by Joseph Casciano

7.0 - Last modified on 09-03-2021 Revised by Kenji Kono

6.0 - Last modified on 09-03-2021 Revised by Jason Obedzinski

5.0 - Last modified on 01-25-2021 Revised by Joseph Casciano

4.0 - Last modified on 01-22-2021 Revised by Kenji Kono

3.0 - Last modified on 01-06-2021 Revised by Joseph Casciano

2.0 - Last modified on 01-06-2021 Revised by Kenji Kono

1.0 - Created on 08-13-2019 Authored by Kenji Kono

This article tells how to install and access two-factor authentication (2FA) through the Duo Mobile app. Harvard University and Harvard Medical School use this to enhance security.

Table of Contents

Eligibility

Two-factor authentication (2FA) through the Duo Mobile app is available to all faculty, staff, and students with HarvardKey credentials

Note If you have already set up 2FA but have recently upgraded or replaced your device, you must reactivate two-factor authentication (2FA) using the Duo Mobile app.

These instructions assume that you have a computer and smart phone capable of running Duo Mobile and that both devices have a working internet connection.

Before you begin

For this installation, you will need a computer and your mobile device.

You may download the Duo Mobile app through either the Apple App Store or Google Play Store before you begin, but you also have the option to do so later.

For reference, Duo Mobile's icon is green and looks like this:

Step-by-step

To install two-factor authentication (2FA) through the Duo mobile app:

  1. From your computer, navigate to my.hms.harvard.edu

  2. Sign in with your HMS account ID and password.

  3. When prompted to "Protect Your Harvard Medical School Account", select the green Start setup button.
    1. Note If you do not see the Start setup message, you may have configured two-factor authentication in the past. Contact the HMS IT Service Desk at 617-432-2000 or itservicedesk@hms.harvard.edu for assistance. Given the security requirements, a phone call may be more straightforward.

  4. Choose the type of device you are adding.
    1. Adding a mobile phone is strongly recommended.
    2. If you select Tablet or Security Key, follow the on-screen prompts which may differ from the steps in this article.

      "What type of device are you adding?" screen on the Duo Mobile app.

  5. On the "Enter your phone number" screen, enter your mobile device's phone number.
    1. If the phone number has been used at Harvard Medical School before, you may be prompted to verify ownership of the number via a text message or phone call.

      "Enter your phone number" screen on the Duo Mobile app.

  6. On the "What type of phone is...?" screen, select your type of mobile phone.
    1. If you are using an older version of iPhone or Android incompatible with the Duo Mobile app, select Other as your phone type to use SMS text instead of the app. If you are unsure of your device compatibility, refer to:
      1. Compatible iOS versions
      2. Compatible Android versions
    2. If you are using an incompatible phone and consequently cannot use the Duo Mobile app, skip the next steps relating to Duo Mobile and follow the on-screen prompts.

      "What type of phone is...?" screen on the Duo Mobile app.

The next steps will require use of your computer and your mobile phone with the Duo Mobile app.

  1.  On your mobile device, if you have not done so already, install the Duo Mobile app.
    1. Download via the Apple App Store or Google Play Store.

  2.  After installing, return to your computer and select the I have Duo Mobile installed button.

    "Install Duo Mobile for iOS" screen on the Duo Mobile app.

  3. On the computer screen, a QR code will appear. You will need this in the next step.

  4. On your mobile phone, open the Duo Mobile app.
    1. Tap the blue Add +  button to add an account, found on the upper right-hand corner of the screen.
    2. Tap Use QR code.

  5. Use your mobile phone to scan the QR code on the computer screen.
    1. If prompted, grant the app access to your camera.
    2. If your phone's camera does not work, select Email me an activation link instead. Open the email on your mobile phone and tap the link. You will be prompted to open the link with the Duo Mobile app to activate.

  6. Duo Mobile will add Harvard Medical School as an account. Follow the prompts to customize if desired.

  7. On the computer, select Continue to Login to test Duo Mobile. Then, select the Send Me a Push button.

  8. On your mobile device, you will receive a push notification prompting you to confirm sign in. If you do not see this, open the Duo Mobile app.

  9. You have now successfully enrolled your device for two-factor authentication (2FA).

Optional: Add a backup two-factor authentication (2FA) device

A backup authentication method can be helpful in situations like losing your mobile phone.

To add a backup authentication method:

  1. On the computer, select the My Setting & Devices link.

    Arrow identifies "My Settings & Devices" link on Duo screen.

  2. Select Add another device to add a second (or more) device for two-factor authentication.
    1. For additional support, refer to the Manage, add, and delete devices on the Duo Mobile app KB article.

Additional resources

ForgotMyID Tool

If you do not know your associated email, HUID, Harvard NetID, or HMS ID, the ForgotMyID Tool can help you find these. If you need further guidance on how to use this tool, refer to the ForgotMyID Tool How-To article.

Revised by Joseph Casciano
Last modified 06-11-2024 11:17:35