Changes to Duo - Spring 2026

As part of our continued efforts to keep your accounts and data secure, we are making some changes to the approved authentication methods available in Duo.

We use Duo use for two-factor authentication; you may receive a phone call, text, or other notification from Duo when logging into various applications or websites with your Smith account.

Changes to Duo and Important Dates

Starting May 27, 2026: Text messages and phone calls will no longer be available.
- - After this date, you will not be able to approve login requests via phone call or codes sent by text message. To avoid disruption and ensure you have access to your Smith account, add a new method for approving Duo requests. See below for more information.
As of April 14, 2026: An enhanced security feature has been added to Duo Mobile.
- - This update makes your login more secure by requiring a 3-digit code to approve Duo push requests, helping to prevent accidental approvals.

Why are we making these changes?

The level of sophistication of phishing attempts and cybersecurity attacks is increasing. Attempts are more targeted and personalized than in the past.
Two-factor authentication methods like phone calls and text messages are more susceptible to issues - it's easier to inadvertently approve fraudulent attempts when it takes just a tap to approve.

See Cybersecurity for more information about keeping your accounts safe.

What do I have to do?

If you currently use phone calls or text messages to approve login requests, we recommend downloading the Duo Mobile app and adding it to your devices. You’ll no longer receive phone calls or text messages after May 27.
- - If your device has iOS 16 or greater or Android 11 or greater, you can download and use the Duo Mobile app.
  - If you are unable to download the app on your device, we recommend using a physical security key. Submit a ticket on the Request Help page, or email ithelp@smith.edu to request a key.
  - Review other available options in Available Devices.
If you use Duo Mobile for push notifications, you don't have to do anything! Simply start entering the code after April 14. More information about how it works is below.
If you already use a Yubikey security key, you’re all set! Your key will continue to work during and after the rollout of these security enhancements.
If you need assistance, please see Request Help to submit a ticket to IT Support.

If you do not currently use the Duo Mobile app, we encourage you to download it now and set it up in Duo. This is our recommended primary method of authentication moving forward.

The current version of the Duo Mobile app is supported on iOS 16 or greater and Android 11 or greater.

Manage Your Devices

If you need to make changes and aren't sure what your options are, see the Set Up Additional Devices section on the Duo page for guidance on what is available and how to add devices to Duo.

Enhanced Security in the Duo Mobile App

As of April 14, instead of selecting Approve when you receive a push notification, you'll be prompted to enter a unique code to verify your identity.

Here's how it works:

Step 1. When logging into an application through your Smith account, the prompt on the screen will include a three digit code.

Step 2. Open the Duo Mobile app through the push notification on your device and enter the code in the boxes. Note: If you did not receive a notification, you can open the Duo Mobile app directly.

Step 3. Select Verify to confirm. Select I'm not logging in if you didn't initiate the notification - this will notify ITS.

Remember to never approve requests you did not initiate!

Visit the Duo page for more information and instructions.

Last Updated: 4/14/26

Page updated

Report abuse