Duo

The Duo Logo

Welcome to Duo!

The NBER uses Duo for Two Factor Authentication (2FA) to protect VPN and Single Sign On (SSO) for some web applications.  2FA requires something you know (your password) and something you have (e.g. smartphone, tablet, smart watch, landline, hardware token).  

First time instructions 

Prepare your devices

IT strongly recommends if you have a smartphone or tablet that you download the Duo Mobile app from your Apple or Android store.  The logo is green and is from Duo Security, Inc.  Please note the Google Duo app for video calling is not related.

The Duo App Icon

Device options

We strongly recommend you have at least two unique devices registered with Duo so you have a backup. Please contact it-support@nber.org to add devices to your account

  • Duo Push on a smartphone, tablet, or smart watch is the most secure and recommended as your primary option if you have a smartphone.

  • Phone call to a different phone, such as a landline.  You can also use your cell phone number, but ideally you would have a second device.

  • SMS passcode is ideal if you have a cellular phone that cannot install the mobile app.  You can also have Duo send you 10 codes to use as needed by following the VPN prompt to send SMS codes to your mobile phone.

  • The Duo Mobile app has a passcode feature that allows you to retrieve a passcode code if you are in a location without network connectivity (e.g. with spotty cellular or no wifi). Open Duo Mobile and tap on the NBER logo in the app to get a passcode that changes often. This will not use any data or internet.

  • Hardware tokens: If you have a blue Yubikey hardware token, these unfortunately are incompatible with VPN, but will work with Duo in a web browser.

Logging in with Duo for VPN

See our VPN instructions for tips on using the Duo for VPN prompt.

Logging in with Duo for SSO

When you sign in at the Duo SSO screen, you will see a username field.  Enter your complete NBER email address (e.g. username@nber.org).  Click Next and enter your NBER password.


NBER Duo Single Sign On Window

 

Duo will automatically prompt you for your last used, or most secure method for 2FA (as deemed by Duo).  In most cases this will be your Duo push with your smartphone.  Click the blue Other options link to change this.

Duo "Check for a Push Notification" screen

If you are using a personal computer, you can choose to Trust this browser when prompted and your 2FA will be saved for 30 days only in that browser.  Please note if you sign out of an application that uses SSO, the browser trust setting will be deleted and you will need to use 2FA again at next login.  Please close the window without signing out of the application to preserve the trust setting.

FAQs

What if I don’t have my device with me?

Contact it-support@nber.org for help and we will provide you with a one-time bypass code.  Please note we will verify your identity for your account’s protection.

What if my Duo mobile push isn’t working or my cellular signal is poor?

The Duo Mobile app stores passcodes.  You can open the app and tap on the NBER app to bring up a six digit passcode.  

Why is my Duo not saving for 30 days?

The trust setting works for 30 days per browser, per device.  Please note if you sign out of an application that uses SSO, the browser trust setting will be deleted and you will need to use 2FA again at next login.  Please close the window without signing out of the application to preserve the trust setting.

For support, please email it-support@nber.org.