FAQ: Setting up Duo mobile app for MFA

Duo logo

Duo Security provides Multi-Factor Authentication (MFA) service to protect users against account takeover and data theft. This additional identification step blocks hackers from logging in your account even when your password is compromised or leaked. You will also be notified when someone tries to log in with your password, providing an additional level of protection to secured login. At EdUHK, most critical information systems are covered by Duo. It complements MFA on O365 introduced earlier to protect staff emails, OneDrive and etc.




Procedures: (For new staff only. If you are self-enroll, please refer to https://www.eduhk.hk/ocio/mfa-duo#self-reg.)

A. Install and configure Duo Mobile App

Install the Duo Mobile app and allow notification for this app:

Get the Duo Mobile App for your device: Apple App Store Google Play Store

For android devices without Google Play store, please download the APK file here.



B. Register your mobile device for Duo

  1. Open a web browser and visit the Portal at https://portal.eduhk.hk.
  2. Log in with your EdUHK username, password on the Single-Sign-On (SSO) log in page.
    Single Sign-On Login Page (NIDP/SSOIDP)

  3. Then you will be re-directed to the Duo enrollment page. Click "Start setup" to begin.
    Start to setup

  4. Choose “Mobile phone” as the primary verification device. Then click "Continue".
    Choose device type

  5. Choose Hong Kong for country code and enter your mobile phone number. Tick the check box to confirm the phone number is correct. Then click "Continue".
    Enter your phone number

  6. Choose the type of your phone (e.g. iPhone) and click "Continue".
    Choose phone type

  7. Click "I have Duo Mobile installed". (Note: Make sure you have the Duo mobile app installed on your device.)
    Prompt user to launch the Duo Mobile app

  8. When you see the following screen, open the Duo Mobile app on your mobile.
    Prompt user to scan the QR code

  9. Click “+” to add an account on your mobile device.
    Add account on Duo Mobile app

  10. Scan the QR code you get from step 10.
    Scan QR code from Duo Mobile app

  11. A six-digit passcode will be shown and your account is added successfully.
    six-digit passcode will be shown

  12. Then switch back to your computer and click “Continue”.
    QR code scanned, continue on the computer

  13. Choose "Ask me to choose an authentication method" and click "Continue to Login".
    choose an authentication method

  14. Click "Send Me a Push" to trigger the login approval process.
    Trigger login process

  15. You will then receive a notification on your mobile. Tap on the notification
    Authenticator app icon

  16. Click “Approve” on the app as the second step of verification.
    Prompt for login in approval

  17. Congratulations. Your device will be ready to approve authentication requests within 5-10 minutes. And you will be able to access the Portal. (Note: Please do not un-install the Duo Mobile App on your mobile device as you will need to use it for login approvals.)


For details about Duo, please visit MFA on Duo.



Author

anon

kwcheng