What is two factor authentication?

Let's say you have a safe to keep your important documents. There's a combination lock you have to use to open it. You're probably the only one who knows the combination, so its pretty secure... but if someone was really determined they could keep trying different combinations until they found the right one.

You think your documents are pretty personal, so you want to make sure no one but you can get at them. You buy a better safe. It still has a combination lock, but it also has a strong key-based lock. You're still "probably" the only one who knows the combination, but now you also need to have the key to open the safe door... and if someone steals the key from you, they still can't open the door without the combination. This is the essence of two factor authentication - it combines something you know (the combination or password) and something you have (the key, token, or other "second factor").

Duo Security Two Factor Authentication

Duo is the two factor authentication solution for Penn State Health and College of Medicine. Duo is an additional layer of security that protects your login by turning your mobile phone or landline into a key ("something you have") for accessing the information and information systems of PSH and COM. You still access the applications the same way you always have from a computer; but when you're logging in, you need to have the device or phone you associated with your user account nearby so you can approve the login attempt. Once you log in, the phone or mobile device isn't needed any more for that session.

Duo allows for multiple options. If you own a smartphone, the best option is to install and use the Duo Mobile app. Duo also supports entering a code that can be sent to your mobile phone via SMS, or by calling a mobile or landline phone.

This video provides a quick overview of how the everyday authentication process works:

Do I need to sign up?

Several, upcoming technology improvements will require Duo for access. Additionally, the following are a sampling of applications that already leverage Duo:

  • Spam Quarantine
  • Remote Access Portal
  • Outlook Web Mail
  • Secure File Share (Accellion)
  • Harrell Health Sciences Library Resources

Penn State Health accounts only

Penn State Health users may have two accounts to register: one for Penn State Health and another for Penn State University. This site is for the Penn State Health account only. To register your Penn State University account with Duo, visit PSU's site.

Video: How to Enroll in Penn State University Duo Mobile

Video: How to Enroll in Penn State Health Duo Mobile


This web site will walk you through the Duo Security enrollment process. Simply click the button below to begin.

Sign up »


Still have questions? Read the FAQs