Starting in the Winter of 2022, the Wheaton IT Department will continue our focus on cybersecurity by rolling out Duo Multi-Factor authentication. This additional layer of security is very similar to Google’s Two Step verification. As you know, Google’s Two Step verification protects your Google Workspace account. Duo Multi-Factor authentication will protect other college information tied to your wID – For example: insideWheaton, onCourse, and the VPN.

On this page

What is Multi-Factor authentication?

Multi-Factor authentication adds a second layer of protection during the login process. Currently your wID login is tied to “something you know” (your password). Multi-Factor authentication adds the second layer of “something you have” (typically your smartphone and absent of that, a USB security key or a Duo Number Generating Token). You most likely already have experienced using Multi-Factor authentication with your Wheaton Google Workspace account and your bank’s web site.

Why are we implementing Multi-Factor authentication?

Times are changing and hackers are finding new and creative ways to acquire user passwords;
they can buy lists of usernames and passwords on the dark web, they can use social engineering
and email phishing tactics to steal passwords, they can use something called “dictionary attacks”
as a brute force method to guess weak passwords. Adding a second form of verification dramatically
decreases the likelihood of your account being compromised.

How often will I need to use Multi-Factor authentication?

For browser based services like insideWheaton and OnCourse, Duo will not require Multi-Factor authentication every time you log in. Once you authenticate and complete Multi-factor authentication you will have the option to select “remember me for 30 days”.
For the next 30 days, Duo will not prompt you to perform Multi-Factor authentication on that device
in that browser unless you clear your browser’s cache. Multi-Factor authentication is browser specific so if you complete Multi-Factor authentication while accessing insideWheaton using the Safari browser it will not exclude you from having to complete Multi-Factor authentication if you then access insideWheaton from the Chrome browser. The exception to the 30 day rule is the FortiClient VPN, it will require that you complete Duo Multi-Factor authentication every time you log in.

What Multi-Factor authentication method should I use?

There are a couple different methods you can use to complete Multi-Factor authentication. They are….

The Duo application method mentioned above is called a “push” notification. A “push” is where a notification is sent to an app on your mobile phone. You can then click “Approve” or “Deny” to allow/decline access to the application you are trying to log into. To get “push” notifications on your mobile phone, first install Duo Mobile found in the App Store (Apple iOS) or in Google Play (Android). Directions are provided below.

What are my support options when setting up Multi-Factor authentication?
  • Place a trouble ticket inside the ITSS website located here. When creating a ticket, select “2-Factor Authentication (2FA)” -> “Duo – 2-Factor Authentication”
  • Send an email to the ITSS Support staff at support@wheatoncollege.edu
Steps for enabling Multi-Factor Authentication

1. To prepare for enabling Multi-Factor Authentication it’s best if you are reading these instructions on a computer and have your mobile phone available to you.


2. On your computer navigate to our course management system OnCourse. Enter your wID and password and click the LOGIN button
Wheaton Login Screen


3. Click Start setup.
Start Setup


4. Choose the type of device you are adding and click continue.
Add Device


5. If registering a cell phone, enter the number, tick the box to verify and click continue.
Enter Phone Number


6. Select the type of smart phone you have from the list and click continue. Type of Phone


7. On your smart phone go to the App Store and search for “Duo Mobile”. Tap “Get” and then “Install” to download the app.
Duo App Icon


8. On your smart phone navigate to the Duo Mobile app and launch the app. Start the process of adding your Wheaton account in the Duo Mobile app by click “Continue” on the welcome screen.
Duo App Welcome


9. Choose “Use a QR code” on this screen. This will open the camera app on your phone and you may have to “allow” this action.
Add your account


10. On your computer choose the option “I have Duo Mobile installed”.
Install Duo Mobile for iOS


11. A QR Code will be displayed on your computer and you should use your smart phone to scan this QR Code. DO NOT scan the QR Code on this documentation, scan the QR Code on your computer.
QR Code


12. The Duo Mobile app on your smart phone will now prompt you to name your account and will then tell you that your account is linked. It will also prompt you to turn on notifications for the app. It will also give you an option to practice using the Duo Mobile app.

Duo Images of Next Steps


13. On your computer you should now see a green check mark over the QR Code. Click continue on this screen.
Duo Mobile Activated


14. Select “Ask me to choose an authentication method” from the pull down menu in the middle of the box. Then click “Continue to Login”.
Settings & Devices


15. Duo Mobile is now installed, you can click
“Send me a Push”, otherwise select “Call Me” or “Enter a Passcode” where you
can have Duo text you a passcode.
Enrolled Successfully


16. A push notification will pop up on your phone where you can tap “Approve” to complete your login.

**note** If using the “push” notification make sure “Allow Notifications” is enabled on your smartphone
Prompt for Duo