Why is Harvard requiring two-step verification for HarvardKey?

Harvard accounts are actively stolen for fraud and intelligence gathering. Thousands of attempts are made every day to steal Harvard passwords. Two-step verification uses a pre-registered device in your possession, such as your smartphone, to confirm your identity when you log in with HarvardKey. That way, even if your password is stolen, cybercriminals can't get into your account without having that device as well.

By using two forms of verification, you are protecting

Your personal data

What Browsers are Supported?

Supported browsers are; IE version 11 or higher, Chrome, Safari, Opera, and Firefox. IE 8 is not supported for HarvardKey claiming or device management. IE 8 will work for logging into the HarvardKey authentication page, however graphics may be displayed differently.

Where can I get support for Harvard Two-step Verification?

School/ Department	HarvardKey/2SV Support	Token Pick-up Location
Central Admin, FAS, HBSP, HDS, Radcliffe, HUPD	HUIT Service Desk 5.7777	HUIT

HarvardKey Two-step Verification Support and Escalation

School/ Department	HarvardKey/2SV Support	Token Pick-up Location
Central Admin, FAS, HBSP, HDS, Radcliffe, HUPD	HUIT Service Desk 5.7777	HUIT

I got a new phone, how do I move my two-step verification over to it?

If you get a new smartphone or mobile device, you need to add the new phone (and remove the old one) by visiting the HarvardKey self-service portal and choosing "Set-up & Manage Your Two-Step Verification" in "Manage Your Services & Account." If the number is the same, you can get a phone call or SMS text message there in order to get into the Manage Devices page. If you still have your old phone, you could also use the app on that to authenticate with the "Push" feature.

How do I use a hardware token to access VPN with two step-verification?

Download a printable copy of these instructions >

If you do not have, or cannot reliably use a mobile phone or landline as your primary two-step verification device, please send a request for a hardware token to ithelp@harvard.edu.

A hardware token is

Where can I learn more about two-step verification?

A good resource to learn more about where you can use two-step verification (also called two-factor or multi-factor authentication) is twofactorauth.org. While you have to use two-step verification with your HarvardKey, deploying it with other services you use (at Harvard and elsewhere) is a great way to enhance your online security.

Why don't I see Two Step Verification as an option for my HarvardKey?

HUIT licensed Duo for most of our HarvardKey users. However, alumni are not currently included in the licensing agreement. If you are an Alumni, without any other active role at the University, your HarvardKey is not eligible for two-step verification.

Can I add multiple devices to my two-step verification?

Yes! It is strongly encouraged that you add at least two devices (for example your mobile phone and a landline) to your Duo two-step verification. That way if you cannot access one device you have a back-up for getting your code and logging in. Within the Two-Step Verification settings box, click on the link that says 'Add a new device' (under the shield) to add your second device. You can add up to five devices.

Why don't I have the 'Remember Me' option?

If in your Duo Device Options you select a default and say always use this device, there will not be a 'remember me' option available. Duo will always use the device you selected at each login. Go back to the settings and uncheck that box (to enable the 'Remember Me' option for web applications). Also, you may have tight privacy settings in your browser - so that it may be unable to create a cookie to track your 'Remember Me' selection. Contact the HUIT Service Desk for support in confirming your browser privacy settings.

HarvardKey Help

FAQ