To provide better security to Suffolk Workday service and due to the recent focused spear phishing attempt to gain credentials to Suffolk University Workday service Suffolk University ITS implemented a high-security login process for Workday users. This will require a second method of validation to confirm the identity of all users when logging in to Workday. This is referred to as two-step or two-factor authentication process. Suffolk University will be using a two-factor authentication (2FA) system provided by Duo Security. In using this system all users will be required to confirm their identity using one of several options that are available (see details below).
Duo Push is the easiest and quickest way of authenticating. You'll get a login request sent to your phone just press Approve to authenticate.
Just tap the key button to generate a passcode. This works anywhere, even in places where you don't have an internet connection or can't get cell service.
To use the passcode "382033" if your password is "<your_password>", type: <your_password>,382033
If you have any questions or concerns regarding the implementation of this two-factor authentication, please contact firstname.lastname@example.org.
Frequently Asked Questions (FAQ)
What are the benefits of using two-factor authentication?
Instead of using just a username and password when logging into a website, two-factor authentication adds an additional layer of security.
Here are some of the most common concerns when logging into a website using just a username and password:
- Many users choose weak usernames and passwords which can be easily guessed or cracked
- Phishing attacks successfully trick people into revealing their usernames and passwords
- Viruses/malware can capture usernames and passwords and send them over the network where they can be collected
- Users on unsecured networks, for example, at the mall or coffee shop can have their login credentials sniffed (revealed)
The main disadvantage of the username/password (login method) is that this combination is only a single piece of information that a malicious individual needs to obtain in order to compromise your account(s).Two-factor authentication adds an extra layer of security to your login practice by requiring you to have in your possession something physical and unique to you. This physical object can either be your cell phone, your office phone, or even a tablet. Suffolk University has partnered with Duo Security to provide the infrastructure for two-factor authentication. For more information on two-factor authentication as provided by Duo Security, go to http://guide.duosecurity.com
What different methods are available to Authenticate?
Ways to Authenticate via 2FA
Duo Security sends a login request to your phone. Just tap Approve to authenticate.
Generate passcodes with Duo's free mobile application.
Receive a passcode via SMS/Text message.
Duo calls your phone. Just press any key to authenticate.
Apple, Android, Blackberry, Windows Mobile
Duo Push platforms; as well as, Palm, Windows Mobile.
Ability to use Offline?(without internet access)
* Use this link to access more information on the Duo Security website.
Who is eligible to use the Duo (two-factor authentication) system?
The use of the Duo system (two-factor authentication) is currently available to only Suffolk staff and faculty for Workday we plan to expand the offering in the near future to other applications and users.
What devices are supported by Duo?
Can I setup more than one device?
When you are doing your initial setup, you may add as many phones and devices as you like by clicking "Enroll another device" during the process. After that, you will need to contact us at email@example.com if you want to change your phone number, re-activate the Duo Mobile app, or add a second phone.
Whom should I contact if I have questions or concerns about the requirement to use Duo?
We encourage you to contact us with questions or concerns about using DUO. Please send an e-mail with detailed information at firstname.lastname@example.org
What if I don’t have a cell phone?
If you don’t have a cell phone, the Duo system allows you to use your landline phone. You would receive an automated phone call that requires you to simply press any button in order to confirm your identity.
What do I do if I get a notification from Duo that I did not request?
If you get a notification from Duo that you did not request, that means someone else is trying to log in to the system using your account. Use the "Deny" option, and access to your account will be denied. University IT Security will be notified automatically when you select "deny". If you ever receive a Duo phone call when you are not trying to log in, hang up the call to deny access.
What if I don’t have a data plan on my phone? What if I don’t have an internet connection?
The Duo smart phone app provides options that work without a data plan, a texting plan or even an internet connection, if necessary. The app can generate the required code without the need of either a telephone signal or data plan, and it can do so anywhere in the world. If you have a signal and data plan, the app makes two-factor authentication as easy as a pushing a single button, but if you don’t, you can use the app to generate a six digit code and enter that instead.
What if I lose my phone that I use to authenticate with Duo?
Contact the Suffolk University ITS Service Desk email@example.com or call 617-557-200 immediately if you lose your phone or suspect it has been stolen. We will disable your phone from being able to authenticate with Duo and help you log in using another device.
What if I forget my smartphone at home?
We encourage users to set up multiple authentication methods with Duo, so that when one method is unavailable, you have others from which to choose. For example, you could set up your smartphone for “push” and also your office phone and home phone to do callback.
How do I login using an alternate devices I have setup in Duo?
To login with an alternate device (that has been previously configured and set up in Duo) other than what you set as the default, you will need to select when you log in.
- On the Suffolk Workday login Page, Enter your Suffolk username and password hit enter
- Select a the method you want to use for notification you can also select Need Help or Manage devices
- Click Login, and then follow the instructions to authenticate with your chosen method or device.
- Never share your passwords with anyone
- Suffolk University, Information Technology Services (ITS) and ITS third-party service providers will NEVER ask for your account passwords
- If in doubt about a web link don't click, instead type it in the web address yourself and make sure it is a valid web address / URL that you are browsing to.
You should never circumvent password entry with auto logon, application remembering, embedded scripts or hard-coded passwords in client software, except for University email, which is password secured by the overlaying operating system on University User workstations or smart devices.
Computing devices must not be left unattended without enabling a password-protected screensaver or logging off of the device. Smart devices such as smart phones should be set to auto lock and require a password or pin to unlock. Laptops and personal smart devices should always be under your control and should be secured when not being used.
If you suspect or have reason to know that the security of a password may be compromised, the password must be changed immediately. Under such circumstances, you should immediately report the discovery to the Suffolk University ITS Service Desk (617) 557-2000.
Need Additional Assistance
Please contact the Service Desk
Email us at
or call 617-557-2000
(2000 on campus)
For information about Walk-in Support, http://www.suffolk.edu/explore/60186.php