BuckeyePass Changes are Coming in October

Smart device showing the BuckeyePass Duo app on the screen

BuckeyePass is Ohio State’s method of multi-factor authentication. This security tool blocks hacking and identity theft attempts, using the Duo app or smartphone text messages to deliver authentication codes. Hackers now need to have two different items in order to access your information—something you know (your password) and something you have (like your smartphone).

Beginning on Thursday, October 15, there are three significant changes

1. The “call me” option for authenticating through BuckeyePass will be retired.

This option is not commonly used and problems can arise from landline carrier outages. If you use the call me option, please add a new BuckeyePass device option before October 15, 2020. BuckeyePass smart phone options include:

  • Duo Push is available through the Duo app on smart phones and tablets.
  • Duo app generated codes are in addition to a "push," Duo app can generate a one-time code to enter on the Duo login screen. You can get this code without cell service or a Wi-Fi connection.
  • SMS Passcodes are also available. To receive 10 codes via text message, go to the Duo login screen, click "Enter a Passcode" and then "Text me new codes."
    • Jot these down or print them. Use them when you are without your phone.
    • Each code can be used one time.
    • You can only receive 10 codes at a time. If you request another set of 10 codes, the first set will no longer be valid. 
       

2. New BuckeyePass authentication options now available.

  • MacBook Touch ID – MacBook devices with a Touch ID sensor can now be used with BuckeyePass. Touch ID can be used with most Ohio State web applications including: Carmen, Office 365, BuckeyeLink. Touch ID is only supported in Google Chrome at this time. Learn more about Touch ID.
  • Security Keys - Security keys, such as a YubiKeyGoogleFeitian, and Solo Keys can be used to access most Ohio State web applications from your laptop or desktop including: Carmen, Office 365, BuckeyeLink, and many more. Security keys are the most secure way to authenticate to the BuckeyePass service. You can even use the same security key to protect your personal Microsoft, Google, and Facebook accounts. Learn more about security keys.
  • Hardware Token - You can purchase tokens from Tech Hub either in the store or by phone. Shipping to those outside Columbus is available for a small fee. Learn more about hardware tokens.

3. On Thursday, October 29, BuckeyePass will protect Outlook and all Office 365 applications.

  • All faculty and staff have already completed this transition.
  • When you open any Office 365 application (Outlook, Word, PowerPoint, Skype, Teams, etc.), you will be asked to authenticate via BuckeyePass.
  • Aside from accessing the web-based versions of applications, you will only be prompted for BuckeyePass authentication on approximately the same frequency as changing your Ohio State password.

General BuckeyePass Tips

You can take some small steps to make sure BuckeyePass is easy and convenient. 

  • Keep your device with you! An attacker can’t redirect a push notification or passcode generated from the app, making the Duo app the most secure authentication option. 
  • Register multiple devices at buckeyepass.osu.edu, if you have them, and remember to bring your backup device with you.
  • You can request 10 passcodes via SMS to use as a backup.

Getting Help

The IT Service Desk is available with 24-hour support, seven days a week, via email and phone.