Phase-out of text (SMS) and phone call authentication options during login continues

From: Division of Information Technology

To help protect personal data and university systems from cyber attacks, Virginia Tech is moving towards a complete upgrade of our Duo 2-Factor Authentication (2FA) service.

To enhance the security of 2FA at Virginia Tech, the Division of IT is gradually phasing out the use of SMS and phone call authentication options for 2FA. At this time, existing SMS/text message and phone call options will continue to be usable, however, beginning in January 2026:

• Existing users will not be able to add new SMS/text message or phone call options or devices; and,
• People new to Virginia Tech will be enrolled in the upgraded version of 2FA from the beginning

Text and voice call authentication options to be discontinued at a later date

Text message and voice call authentication methods are vulnerable to interception or spoofing, and are less secure than other methods. For this reason, these options will be fully disabled in the future. Users who currently rely on text messages or voice calls to authenticate are strongly encouraged to begin using more-secure methods as soon as possible. These include using the mobile app, biometric or physical tokens, or software tokens. Setting up one or more of these preferred methods will prevent the interruption of your ability to log in. 

More information

For complete information, including links on how to set up additional methods for authentication, visit the Enhanced 2-Factor page on it.vt.edu. We will continue to share updates on this project, and will update the site as the project continues.

If you have questions about 2FA, please reach out to your departmental IT office, or contact 4Help IT Support (online at 4help.vt.edu, or by phone at 540-231-4357).