From: University Information and Technology
Dear OSU Community,
As we continue to see increasingly sophisticated and malicious phishing attacks targeting the OSU community, we are working to improve our security posture and increase our resiliency by adopting new security measures. Effective May 8, 2024, the use of passcodes for Duo multi-factor authentication will be disabled.
What is changing?
Passcode authentication, which uses a numeric passcode generated by a hardware token or the Duo Mobile app will no longer be available starting May 8.
How will this impact me?
If you use passcodes to authenticate with Duo, please switch to a phishing-resistant authentication method, including Duo Verified Push or physical security keys, which plug into your computer to verify your identity without a code. Duo bypass codes will continue to be available.
For more information about this change, visit beav.es/duo-passcodes.
If you have any questions or concerns, please contact the Service Desk at beav.es/help or by calling 541-737-8787.
Thank you for your cooperation as we work together to minimize opportunities for cyber attackers and increase the protection of our data, our community, and the university.
Respectfully,
David McMorries, Chief Information Security Officer, Office of Information Security
Oregon State University | University Information and Technology