Princeton uses the Duo Universal prompt as a second layer of security for your Princeton account. Duo verifies your identity using a second factor (like your phone or other mobile device). This prevents anyone but you from logging in, even if they know your password. See the Duo Universal Prompt (external link) for more information and instructions.
When you log in to a Princeton application for the first time, the Duo enrollment process will start automatically. When setting up Duo, it is best to perform this process on a computer or laptop, and have your intended mobile device with you. We recommend installing the Duo Mobile app on your mobile phone for the best experience.
The Duo Universal Prompt can now be used to manage and enable Duo devices instead of the existing Princeton Duo Portal. The Princeton Duo Portal will be retired during the summer of 2022.
First-time Enrollment in Duo (external link)
Add Duo Mobile App (external link)
We recommend that you Scan the QR code. Alternatively, you can select email activation code as long as it is an email account you can access from your device. Use your Princeton email account if possible, but you may input a personal email account you can access from your device.
Difficulties scanning the Duo QR Code? Try email activation code or please, Contact Information Technology. We can send you an activation link instead.
Note: Be sure you have cookies enabled on your device. Safari users may also need to enable cross-site tracking. See below for instructions.
iOS: iOS users, if you receive the message "You need to enable cookies in order to remember this device," you likely have "block cross site tracking" and/or "block all cookies" turned on in Safari. To fix this:
Manage cookies and website data in Safari
Clear, enable, and manage cookies in Chrome (external link)
Trust Browser Remember Browser 90 Days
Push Yes, trust browser to remember the device and browser for 90 days. At the end of 90 days, you will have to select Trust Browser again when prompted.
You may also check Trust browser on the Check for a Duo Push screen.
If you don't want to trust that browser again, uncheck the Trust browser box before you approve the Duo Push or phone call request or enter a passcode.
Once you have enrolled in Duo, you have access to a secure, personalized device management portal where you can add, change or remove devices. The device management portal is accessed via your routine log in and Duo prompt screens.
For full steps on accessing Duo Device Management read Add or Manage Devices After Enrollment (external link).
For more detailed step-by-step instructions read Add Another Device/ Verification Method (external link).
You will need to use your original device OR your backup method to setup a new device/ phone.
For more detailed step-by-step instructions read Add Another Device/ Verification Method (external link).
Please contact Information Technology in the following cases. For security, we will ask you to present a form of identification, such as your drivers license, to support this process.
If you do not have access to a mobile device or phone, you may select a Duo Hardware Token. The token will generate a passcode which you input to verify your identity. Token does not require wireless or data connection.
There is no charge for the initial token.
Contact the oitstore@princeton.edu to request a DUO Hardware Token. The OIT Store Staff will process your request and register a token to your account.
Pick up Duo Hardware Tokens at 112 Frist Campus Center in the Tech Clinic. Hours for the Tech Clinic can be found here. Princeton ID is required.
You are personally responsible for a $50 replacement fee if the initial token is lost.
Hardware Token Passcode (external link)
If you forgot your phone or token, Contact Information Technology We will provide you with a temporary Bypass code.
Reactivate Duo Mobile for an Existing Device (external link)
Applications and devices that don't support the inline Duo Prompt or a secondary passcode field can use append mode. You'll enter both your password and an authentication method into the password field. You'll enter both your password and an authentication method into the password field. Read Append Mode (external link)
Solve Duo Common Issues (external site)
Issue: After you click Approve, Duo does not take them to the Trust Browser screen (like it used to in old Duo). To the user Duo push will appear to "get hung up" and not connect to the application.
Suspected Cause: The Trust Browser window is not automatically opening as it should. We are seeing this issue with the TigerSafe app.
Resolution Option 1: Swipe Up
Resolution Option 2: Type the URL into a Browser
Instead of using an application on your phone, use your browser to navigate directly to the application.
For example if you are having issues with TigerSafe, navigate to your browser and type in the direct URL:
iPhone Focus (Do Not Disturb) Turned On
Confirm if you have "Focus" turned on, specifically, Do Not Disturb. Do Not Disturb BLOCKS Duo notifications. Turn off Do Not Disturb.
If you receive a Duo push or phone notification that you did not expect or initiate, tap Deny. DO NOT Approve. Tap Deny and immediately Contact Us. An unexpected Duo prompt could be a hacking or ransomware attempt.
In order to comply with U.S. regulations, Duo blocks authentications from users whose IP address originates in a country or region subject to economic and trade sanctions. Read this article from Duo for more information: Why am I seeing the message “Access denied. Duo Security does not provide services..." (external link)