Enhanced authentication service upgrades your online security
Employees and students will begin using the enhanced service in August 2025; look for an updated process in the app.
From: Division of Information Technology
To help protect personal data and university systems from cyber attacks, Virginia Tech is upgrading our Duo 2-Factor Authentication service for all employees and students beginning in August and continuing through the 2025-2026 academic year.
2-Factor Authentication (2FA) improves security by requiring an additional form of identification (beyond your username and password) to access an account or service. Virginia Tech first implemented 2FA in 2016, and its use greatly improved the university’s security posture.
There are still ways that an attacker can sidestep the protections offered, however. To significantly reduce this possibility, Virginia Tech's Enhanced 2FA program requires entry of a time-sensitive three-digit code to complete the login process when using the Duo mobile app. This quick step provides an important additional layer of security, even in cases where an attacker is in possession of stolen login credentials.
Migration schedule for employees and students
This update will go into effect in August, according to the following schedule:
- Employees - to be migrated on August 11
- Students - to be migrated beginning August 13
- Note: migration dates for retirees and alumni are still pending
During this migration, users will begin to see a prompt for a three-digit code displayed in the app during the login process. This change will happen automatically for users of the Duo app.
Text and voice call authentication options to be discontinued at a later date
Text message and voice call authentication methods are vulnerable to interception or spoofing, and are less secure than other methods. For this reason, these options will be disabled later in the academic year. Users who currently rely on text messages or voice calls to authenticate are strongly encouraged to begin using more-secure methods as soon as possible. These include using the mobile app, biometric or physical tokens, or software tokens. Setting up one or more of these preferred methods will prevent the interruption of your ability to log in.
More information
For complete information, including links on how to set up additional methods for authentication, visit the Enhanced 2-Factor page on it.vt.edu. We will continue to share updates on this project, and will update the site as the project continues.
If you have questions about 2-Factor Authentication, please reach out to your departmental IT office, or contact 4Help IT Support (online at 4help.vt.edu, or by phone at 540-231-4357).
