Enroll in Multi-factor Authentication

Return to Multi-factor Authentication overview

To enroll in multi-factor authentication or manage multi-factor devices:

  1. Visit https://start.rit.edu
  2. Hover over the Accounts menu in the top right, select Multi-Factor Auth. (Or if you're on a mobile device, tap the Menu link and select Multi-Factor Auth.)
  3. Log in with your RIT computer account username and password.
  4. Follow the on-screen steps to enroll and configure a second factor


Click here for screenshots and instructions for the mobile device enrollment process.

Second Factor Options

The enrollment process will present you with multiple options available to use for multi-factor, and will walk you through steps to set up each option.  For your convenience, the list below describes the supported methods at RIT.  

We suggest that you set up more than one option, such as mobile push and a landline phone, if available.  This way, you will still be able to access the application even if something unexpected occurs (e.g. forgotten mobile phone), or if you replace your mobile phone.  If you are unable to access any of your second factor options, please visit the RIT Service Center with your RIT ID card, and we can issue a temporary bypass code.

Push notification via the Duo Security mobile app on your smartphone or tablet

This is the preferred method for multi-factor authentication at RIT.  Your smartphone is most likely to be with you whether you're accessing the service from work or home.  Depending on your mobile device setup, approving a login via your mobile device can be as simple as one tap!

Automated phone call (Landline or mobile)

If you do not have a smartphone, you can use the Landline option to have Duo call you by phone to approve a login attempt.  Though it is labeled as Landline, you can enter any valid phone number in this field (home, office, mobile, etc.).  

Text message (SMS) code confirmation

When using this option, Duo will text five single-use numeric codes to your mobile phone. You are then prompted to enter one of those codes on screen in order to validate the login attempt. (The codes expire after 24 hours.) Additionally, if you've set up a smartphone with the Duo Mobile app, the app can also generate numeric codes that will allow you to log in, even when your phone has no wi-fi or cellular connection.

Offline Codes

If you do not have any mobile phone, or you would like to have a backup option ready just in case, you can generate offline codes to use for MFA.  Using offline codes, you can print off a sheet of numeric codes specific to your account that you can use during the authentication process.  For more information, visit our Offline Codes instructions page.

Duo hardware token (faculty/staff only)

If you do not have a smart phone (for mobile push notifications) and do not have the ability to receive voice calls, you can request a Duo hardware token.  A Duo hardware token is a physical fob that can be attached to a key ring.  It is associated with your RIT account, and can generate a numeric code for you to enter on screen to confirm a login attempt.  There is a $25 departmental chargeback for each hardware token.  Bring a completed token request form and your photo ID to the RIT Service Center to pick up a token.

Other Security Keys (such as a YubiKey or other U2F security key)

Other U2F compatible security keys are allowed for multi-factor authentication at RIT.  However, due to browser compatibility limitations and the variety of 3rd party vendors that offer them, ITS does not provide assistance with these security keys.  For general information on how to set one up, you can visit Duo's guide to U2F security keys.


Please contact the RIT Service Center if you have questions about which of these options will best meet your needs!