Multi-factor Authentication (MFA) for Students

Enroll in MFA:

Students use the MFA Self Service tool to enable MFA on their account.

MFA Self Service   ➜

What is Multi-Factor Authentication, or MFA?

MFA is a login method that confirms a user's identity by prompting for two or more factors prior to a successful login.  Users verify that they both know their password (unique knowledge), and that they also possess a hardware token or device running the Duo app (unique possession).

Learn more about Duo multi-factor authentication with this video.

Why are we Implementing MFA?

MFA is a standard security practice across higher education that is highly effective at ensuring organizations stay safe and secure. Verifying your identity using a second factor prevents anyone but you from logging in, even if that other person knows your password. All students, faculty, and staff are required to use MFA when accessing their Seawolf account.

How do I get Set up?

Students use the online MFA Self Service tool to enroll in MFA.

Once verified, you will be emailed a QR code to your Seawolf email that will allow you to auto-enroll your smartphone or tablet.  All you'll need is the Duo Mobile app for iPhone or Android. This method allows you to authenticate via push notification or by entering a code generated within the app. It's quick, easy, and the Duo app is compatible with most devices. 

If you experience any issues or need additional accommodations, contact the IT Help Desk for assistance.

How it Works

When you log in to the Sonoma State homepage, you will be taken to a second screen that will require you to either select "Send Me a Push," which will send a notification to your enrolled device for authorization, or "Enter a Passcode" where you will then enter in a 6-digit number from within the Duo app.

If you select the "Remember me for 12 hours" checkbox, you will not be prompted for MFA for 12 hours on that device and browser.

What if I Need to Add or Remove a Device?

You can manage your MFA devices from the MFA Self Service tool.  You can have up to three devices associated with your account, so be sure to remove your old devices when you no longer need them.

What if I get an Unexpected Push Notification?

Do not approve the request. This is an indicator that someone has your password and is attempting to log into your account. They cannot gain access without being approved via the app, but you must secure your account. Deny the request, change your password, and contact the IT Help Desk.