Protect Your SAS Accounts with Two-Step Verification

  • Faculty & Staff
  • Students & Alumni

 password + proof = access

 

The Two-Step Verification service will drastically reduce the risk of compromised data and nefarious use of your accounts. Because a login from a new computer requires not just a password but a verification code that is delivered to your smartphone it is much harder for malicious, unauthorized users to gain access.

Please see below for instructions on how to set up Two-Step for various accounts here at Penn.

If you are not already, we strongly suggest that you enroll in Duo Push. Duo Push is the most convenient method of Two-Step verification: the user receives a popup message on their phone much like in the image above. They would simply press "approve" instead of needing to enter any numbers.  Click here for setting up Duo Push for the first time.  Click here for setting up Duo Push on a replaced phone.

To set up Duo Push for the first time:

  1. Navigate to this website: https://twostep.apps.upenn.edu
  2. Click on Manage Settings
  3. Sign in with your Pennkey
  4. Scroll down to the Devices section
  5. Under Duo Push: click on enroll in Duo Push
  6. This will begin the enrollment wizard
    1. Make sure you have Duo Mobile installed on your phone
    2. As you go through setup, you will be prompted with a test Push
    3. Let us know if you have any questions!

 

To set up Duo Push on a replaced phone:

  1. Navigate to this website: https://twostep.apps.upenn.edu
  2. Click on Manage Settings
  3. Sign in with your Pennkey
  4. Approve the push on your old phone.  If no push comes through, tap the down arrow carat and enter the 6 numbers listed there.  If this isn't an option, click Call or text me a code.  Follow the instructions over the phone
  5. Under Quick links, click the New Phone for Duo Push button.
    1. Make sure you have Duo Mobile installed on your new phone
    2. As you go through setup, you will be prompted with a test Push
    3. Let us know if you have any questions!

 

Two-Step Verification for Pennkey and O365:

Two-Step Verification is required for all SAS Faculty and Staff. It's easy to use, and it dramatically increases the security of your PennKey and PennO365 protected accounts. 

For a user-friendly introduction to Two-Step see: https://www.isc.upenn.edu/two-step-quick-start.

You can sign up for Two-Step at: https://twostep.apps.upenn.edu/ or ask your LSP to help with the setup process.

You can find more PennO365 Two-Step information here: https://computing.sas.upenn.edu/penno365/two-step

If you have additional questions, please contact your Local Support Provider (LSP).

Two-Step Verification for Google@SAS:

To add another layer of security to your Google@SAS or personal Gmail account you can enroll in Google Two-Step Verification here.