Security: Authentication Basics

This document provides an overview of two key concepts that are essential to understand so that you can better secure and protect your Penn identity and your data:

2-step Authentication, and
Authentication Apps like Duo Mobile

What is 2-step Authentication?

Also called multifactor authentication or 2-step verification, 2-step authentication is signing in ("authenticating") to accounts that require using two or more of the following methods:

Something the user knows (like a password or PIN)
Something the user is (like face recognition or a fingerprint)
Something the user has (like a smart phone or secure USB key)

2-step is a way of proving that you are who you say you are when you try to sign in. It also dramatically reduces the risk of someone stealing your data & your Penn identity.

At Penn, if you have a smart phone, you can use the Duo Mobile app for your second verification step in the 2-step process.

How does an authenticator app work?

Once installed on your smart phone, an authenticator app typically generates 6-digit passcodes every 30 seconds. The passcode is used as a second factor to verify identity when signing in to an account. Authenticator apps are not tied to your phone number or SIM card.

Duo Mobile Benefits

Is easy to use and provides an added layer of protection
Provides a consistent experience when authenticating into PennNet & web applications
Can be used with a variety of other accounts including financial, social media, and other email accounts

We strongly recommend the GSE community enroll in Duo Push for 2-step authentication.

Next Steps

If you have a smart phone, follow these instructions to Enable Duo Mobile for 2-step. (Note: You will be prompted to download and install the Duo Mobile app during this process.)
If you are outside the US, you can still get a 2-step verification code.