WashU Two-Factor Authentication (2FA)

Passwords are increasingly easy to compromise. They can often be stolen, guessed, hacked or phished – even without you knowing.
WashU 2FA—a two-factor (or two-step) authentication service provided by Duo, an industry leader in cybersecurity services—adds a second layer of security to your WUSTL Key account when accessing the many WashU systems, which contain sensitive personal information. By verifying your identity through the use of a second device, hackers and identity thieves are prevented from logging in these systems, even if they know your WUSTL Key ID and password and you’ll be alerted immediately if someone tries to log in using your credentials.
WashU 2FA
WashU 2FA extends protection to most WUSTL Key enabled sites, allowing users to opt-in to two-factor authentication.
Below are a few examples of these supported sites:
- One.wustl.edu
- Office 365 Outlook Web App (email on the web)
- Canvas
- Learn@Work
When Must I Use WashU 2FA?
For students, faculty and staff, all WUSTL Key accounts utilize 2FA now. This is needed to further reduce the impact of phishing and other malicious campaigns which are engineered to steal user’s personal and sensitive information. You may still select from on or off campus, but all users have a 2FA requirement.
Did You Log in Somewhere Without WashU 2FA ?
All University websites that ask you for a username and password should utilize WashU 2FA. If you’ve logged in somewhere that didn’t employ 2FA, please report the website to the WashU IT Service Desk for review at ithelp@wustl.edu.
WashU 2FA Support & Questions
Please contact the WashU IT Service Desk at 314-933-3333.