Multi-factor authentication

At Charles Sturt University, we use multi-factor authentication (MFA) with Duo Security to strengthen access security.

How MFA works

MFA requires two or more methods (also referred to as factors) to verify your identity. These factors can include:

  • something you know - like your university username and password
  • something you have - like a smartphone app to approve authentication requests.

Using MFA

To access a service that uses MFA, you need to use a device that is separate from the computer you use to study. This will normally be your mobile phone.

You need to enrol your device and install and activate the Duo Mobile app.

Step 1

Open the MFA tool

Your first step is to use the MFA tool to enrol your device. Follow the on-screen instructions to choose the type of device you have and your mobile number.

Open MFA Tool

Step 2

Install the DUO Security app

When you're prompted, install the DUO Mobile app on your device.

Step 3

Scan the QR code

Scan the QR code presented on your screen with your device camera to activate the Duo Mobile app.


Push is the Charles Sturt preferred authentication method to use with the Duo Mobile app. Find out why push is the best way to authenticate[PDF].

These options are no cost to the university:

  • Push (preferred option). If you have registered the Duo app on your mobile phone, enter push in the Duo passcode / next code / tokencode field, you will receive a push notification on your deviceTap on the green “Approve” ✔ button to connect.
  • Passcode. Open the Duo Mobile app and tap on Duo-Protected - a six digit code will appear. Enter this code into the passcode / next code / tokencode field. Note - the passcode changes for each use.
  1. Open the MFA Tool.
  2. Change the setting at the When I log in field from “Ask me to choose an authentication method” to “Automatically send this device a Duo Push” and click save.
  3. Click finish enrolment.
  • Duo Push authentication requests require a minimal amount of mobile data – less than 2KB per authentication. This amount of data usage falls well within a typical push notification.
  • The bandwidth consumed by Duo Mobile for many authentication requests every day would have an overall negligible effect on mobile data use.
  • Read more about how much data a Duo Push request uses.
  • If you do not have internet or wi-fi connectivity, the Duo Mobile app can be used to generate one-time passcodes that you can use as a second authentication factor.
  • Your mobile phone does not need to be connected to the internet to generate a one-time passcode.

Follow these steps if you have a new mobile device with the same phone number.

  1. Open the MFA Tool
  2. Choose Device Options
  3. Choose Reactivate Duo Mobile.

Note - if you need to get Duo Push working on your phone (for example, you've replaced your phone with a new model but kept the same phone number), you'll receive a new QR code to scan with your phone after answering some questions about your device. This will complete the Duo Mobile activation process.

  1. Open the MFA Tool.
  2. Choose an authentication method and complete two-factor authentication to begin adding your new device.

    If you are setting up a new mobile phone and no longer have access to your old phone, don’t use Duo Push authentication (the Push will be sent to your old phone). If your mobile phone number has not changed, you can still use Passcode or Call Me to authenticate. Remember that you will need to reactivate Duo Push on your new phone once you have successfully authenticated.

  3. Select Add another device.
  4. Select the type of device you are adding e.g. mobile phone.
  5. Enter and confirm the second phone number (if relevant).
  6. Select the new device's operating system.
  7. Install Duo Mobile app on the new device and scan the QR Code to activate.

The new device is added and listed with your other enrolled devices. You can click Add another device to add more devices if required.

Note: If you are replacing a device you need to follow the steps to remove it.

If you have enrolled a new device which is replacing the one you previously enrolled, you can remove the old device.

  1. Open the MFA Tool.
  2. Click the Device Options button next to the device you want to remove and then click the trash can button.
  3. Click Remove to confirm you want to remove the device.
  1. Open the MFA Tool.
  2. Choose Device Options.
  3. Click Change Device Name to open up an interface to change the display name of your phone (hardware tokens can't be renamed).
  4. Type in the new name and click save.

Note - after successfully modifying your phone's name, you will see this when managing devices and it will also be how your phone is identified in the authentication drop-down.

  1. Open the MFA Tool.
  2. Click the Default Device drop-down menu.
  3. Pick your device for default authentication and click save.
  4. You may also want to enable automatic push requests by changing the When I log in option from "Ask me to choose an authentication method" to "Automatically send this device a Duo Push" and click save.