Harvard accounts are actively stolen for fraud and intelligence gathering. Thousands of attempts are made every day to steal Harvard passwords. Two-step verification uses a pre-registered device in your possession, such as your smartphone, to confirm your identity when you log in with HarvardKey. That way, even if your password is stolen, cybercriminals can't get into your account without having that device as well.
By using two forms of verification, you are protecting
Supported browsers are; IE version 11 or higher, Chrome, Safari, Opera, and Firefox. IE 8 is not supported for HarvardKey claiming or device management. IE 8 will work for logging into the HarvardKey authentication page, however graphics may be displayed differently.
If you get a new smartphone or mobile device, you need to add the new phone (and remove the old one) by visiting the HarvardKey self-service portal and choosing "Set-up & Manage Your Two-Step Verification" in "Manage Your Services & Account." If the number is the same, you can get a phone call or SMS text message there in order to get into the Manage Devices page. If you still have your old phone, you could also use the app on that to authenticate with the "Push" feature.
A good resource to learn more about where you can use two-step verification (also called two-factor or multi-factor authentication) is twofactorauth.org. While you have to use two-step verification with your HarvardKey, deploying it with other services you use (at Harvard and elsewhere) is a great way to enhance your online security.
HUIT licensed Duo for most of our HarvardKey users. However, alumni are not currently included in the licensing agreement. If you are an Alumni, without any other active role at the University, your HarvardKey is not eligible for two-step verification.
Yes! It is strongly encouraged that you add at least two devices (for example your mobile phone and a landline) to your Duo two-step verification. That way if you cannot access one device you have a back-up for getting your code and logging in. Within the Two-Step Verification settings box, click on the link that says 'Add a new device' (under the shield) to add your second device. You can add up to five devices.
If in your Duo Device Options you select a default and say always use this device, there will not be a 'remember me' option available. Duo will always use the device you selected at each login. Go back to the settings and uncheck that box (to enable the 'Remember Me' option for web applications). Also, you may have tight privacy settings in your browser - so that it may be unable to create a cookie to track your 'Remember Me' selection. Contact the HUIT Service Desk for support in confirming your browser privacy settings.