Changes to Duo - Spring 2026

As part of our continued efforts to keep your accounts and data secure, we are making some changes to the approved authentication methods available in Duo.

We use Duo use for two-factor authentication; you may receive a phone call, text, or other notification from Duo when logging into various applications or websites with your Smith account.

Changes to Duo and Important Dates

Starting April 14, 2026: An enhanced security feature will be added to Duo Mobile.
- - This update makes your login more secure by requiring a 3-digit code to approve Duo push requests, helping to prevent accidental approvals.
Starting May 27, 2026: Text messages and phone calls will no longer be available.
- - After this date, you will not be able to approve login requests via phone call or codes sent by text message. To avoid disruption and make sure you have access to your Smith account, add a new method to approve Duo requests. See below for more information.

Why are we making these changes?

The level of sophistication of phishing attempts and cybersecurity attacks is increasing. Attempts are more targeted and personalized than in the past.
Two-factor authentication methods like phone calls and text messages are more susceptible to issues - it's easier to inadvertently approve fraudulent attempts when it takes just a tap to approve.

See Cybersecurity for more information about keeping your accounts safe.

What do I have to do?

If you use Duo Mobile for push notifications, you don't have to do anything! The update will happen automatically. Simply start entering the code after the new feature is enabled on April 14. More information about how it works is below.
If you currently use phone calls or text messages to approve login requests, we recommend downloading the Duo Mobile app and adding it to your devices. You’ll no longer receive phone calls or text messages after May 27.
- - If your device has iOS 16 or greater or Android 11 or greater, you can download and use the Duo Mobile app.
  - If you are unable to download the app on your device, we recommend using a physical security key. Submit a ticket on the Request Help page, or email ithelp@smith.edu to request a key.
If you already use a Yubikey security key, you’re all set! Your key will continue to work during and after the rollout of these security enhancements.
If you need assistance, please see Request Help to submit a ticket to IT Support.

If you do not currently use the Duo Mobile app, we encourage you to download it now and set it up in Duo. This is our recommended primary method of authentication moving forward.

The current version of the Duo Mobile app is supported on iOS 16 or greater and Android 11 or greater.

Manage Your Devices

If you need to make changes and aren't sure what your options are, see the Set Up Additional Devices section on the Duo page for guidance on what is available and how to add devices to Duo.

Enhanced Security in the Duo Mobile App

After April 14, instead of selecting Approve when you receive a push notification, you'll be prompted to enter a unique code to verify your identity.

Here's how it works:

Step 1 - When logging into an application using your Smith account, the Duo prompt on the screen will include a three-digit code.

Step 2. Open the Duo Mobile app via the push notification on your device, then enter the code in the boxes. Note: If you do not receive a notification, you can open the Duo Mobile app directly.

Step 3. Select Verify to confirm. Select I'm not logging in if you didn't initiate the notification - this will notify ITS.

Remember to never approve requests you did not initiate!

Visit the Duo page for more information and instructions.

Last Updated: 4/3/26

Page updated

Report abuse