Duo Two-Factor Authentication for RDCRN
As part of ensuring the protection and security of all rare disease data in the RDCRN cloud, we are using Duo to enforce two-factor authentication of all users accessing RDCRN applications (e.g., box.com, REDCap, the imaging and genomics databases) that can potentially hold PHI or other sensitive information. Whether or not an RDCRN user will need to interact with Duo may depend on how (s)he authenticates to RDCRN. If a second factor is already part of the initial authentication (as is the case, e.g., for login.gov), then Duo will not be required for that user.
Authenticated RDCRN used faced with the following prompt
will be required to set up Duo in order to continue through to the application. Detailed instructions for how to proceed can be found below and also on Duo’s Enrollment Guide page, which includes a very accessible (but non-RDCRN specific) step-by-step video. The RDCRN DMCC strongly recommends using cell phones and push notifications, but users are free to choose a second factor of their choice.
Please contact the DMCC if you have any questions!
How to set up Duo
If you are prompted to login with Duo, a screen will appear with the message “As of 5/26/2020 authentication with Duo is required for the requested service.”
To proceed with setting up Duo and logging in, follow these steps:
Step 1 | Click Start setup. |
|
Step 2 | Select the type of device you'd like to enroll and click Continue. We strongly recommend using a mobile phone for the best experience. |
|
Step 3 | Select your country from the drop-down list and type your phone number. Use the number of the mobile phone that you'll have with you when you're logging in. Double-check that you entered it correctly, check the box, and click Continue. |
|
Step 4 | Choose your device's operating system and click Continue. |
|
Step 5 | Follow the platform-specific instructions on the screen to install Duo Mobile. After installing the app, return to the enrollment window and click I have Duo Mobile installed. |
|
Step 6 | Open the camera app on your mobile phone and point it at the barcode to scan. After you scan the barcode successfully, click Continue. If you can’t scan the barcode, click Or, have an activation link emailed to you instead and follow the instructions. |
|
Step 7 | Optional: Click Add another device to start the enrollment process again and add a second phone or another authenticator. Optional: Select your preferred authentication method from the When I log in dropdown menu to receive push notifications or a phone call to your device. Click Continue to login. |
|
Step 8 | Your Duo enrollment is complete! To login, click Send Me a Push, Call Me, or Enter a Passcode. |
|
FAQs
Why am I being prompted to install Duo again - I already set everything up months ago!
Your RDCRN Duo account may have been deactivated if you did not use DMCC resources in more than three months. Please go through the setup steps again to reactivate your account.
What if I am already a Duo user - will this RDCRN setup in any way interfere?
No - your Duo application can handle multiple accounts - simply add RDCRN to your existing Duo app.
How can I install Duo on an additional or new device?
As long as you still have access to the device you used initially, you can just follow the “Add a new device” link on the Duo login prompt screen to add a new device. If you no longer have access to the phone you used initially, then please contact the DMCC with your new phone number and phone type (iPhone or Android) and we will help you out.
What if I lost my device and would like to add a new device to my RDCRN Duo account?
Please contact the DMCC if you need to add a new device to your RDCRN Duo account - you’ll need to send us your new phone number and the type of device (iPhone, Android) that you would like to use going forward.