DUO - Initial Device Registration
Upon successful sign-in with your StateID and strong password, which is your first factor of authentication, you will see a new screen with a prompt welcoming you. Click NEXT.
Also click NEXT, on the next Two(2) informational prompts.
Select the type of device you are registering, based on the authentication method your device can support and your own personal preference.
DUO MOBILE (Recommended):
If you selected DUO Mobile, next enter your phone number with area code. Punctuation is allowed, but not necessary.
Then Select ADD PHONE NUMBER
You may also see a I HAVE A LANDLINE checkbox. Please check this if you only have a landline and require a call instead of an SMS/Text.
If you click I HAVE A TABLET, skip down and follow the TABLET instructions.
Verify the number is correct, then select YES, IT'S CORRECT
Or select NO, I NEED TO CHANGE IT, and correct any mistakes
If your device is a Smart Phone, DUO needs to verify that you have this device/number in your possession and at your disposal, in order to validate that you may use it.
Select SEND ME A PASSCODE, if you want to receive a SMS/Text to verify the device is in your possession.
Select OR CALL MY PHONE, if you want to receive an audio Phone Call to verify the device is in your possession.
The text will come from the short-code number that represents the State of Idaho DUO account, which is 386732. **THIS number is not the passcode.**
The text heading for device verification will say: Verification code:
***IMPORTANT*** If you receive this SMS Text and have not pressed the DUO Enter a Passcode button in the last 60 seconds or so, please ignore the text.
Simply enter the 6-digit verification code into the field displayed. Then Select VERIFY
Selecting OTHER OPTIONS will allow you to change your mind on the authentication method and select something else
Tablet: If you have a tablet, start below:
For Smart Phones and Tablets, you are then instructed to Install DUO Mobile from your phone's App Store.
Select NEXT when the app has been installed OR if you already have DUO installed for use in your own agency.
*Even if you already use DUO for your own agency, you still must continue this device registration process to use DUO for the SCO Enterprise Dashboard and Luma.
If you DO NOT have DUO Mobile app installed on your device, access your App Store and install it now.
Be sure to search for “duo mobile”. If you search for “duo”, you will see Google Duo as the first result. **THIS IS NOT the correct app**
In this case, scroll down further and you will see DUO Mobile as another result. Select DUO Mobile and tap the Install button to install it.
On this screen, follow the instructions summarized below to enroll your smartphone device with DUO Mobile. This will require using your phone camera to "capture" the QR code displayed on the browser.
If you select GET AN ACTIVATION LINK INSTEAD, it will send you an email to your DUO registered email address with an activation link. You MUST open this email on your SmartPhone and click the link in order for this method to work.
Open the DUO Mobile app.
The “+” option is on the top right of the DUO Mobile app.
Select the + (PLUS) sign.
You will notice that your rear-facing camera activates on your smartphone and you can see what the camera is displaying on the smartphone screen.
At this time, hold your smartphone right up to the computer screen where the square barcode is displayed. The screen will flash and you should see a message stating Account Created or Account Added.
If you try for several minutes and your phone cannot properly scan the barcode on your computer screen, select the GET AN ACTIVATION LINK INSTEAD link.
DUO Mobile will now display this account in your smartphone app, and the Dashboard sign-in screen will display a green checkmark as displayed, showing you have successfully activated this device in DUO Mobile.
Select CONTINUE.
Once your MFA device is validated, you will see this screen.
You have fully and successfully enrolled your device or phone number with DUO.
Select LOG IN WITH DUO to proceed with the sign in process.
The security key is detected as an external USB HID keyboard. Because of this, it is not blocked by Windows Group Policy denials on USB Removeable storage devices.
Yubikeys interact with the browser and OS directly for prompt windows. Some browsers display the prompts with slightly different order or wording, but generally when a security key is registered, the first prompt asks the user to plug in the security key (if it is not already plugged in), the next prompt asks the user if the browser can interact with the key, and then the user is prompted to touch the key.
For authentications, only the first and last prompt are shown. If a key is already plugged in, the user is only prompted once to touch the key button.
Continue this guide in the DUO - Authentication page, available in the links on the left.