Changes to BuckeyePass/Duo in September


BuckeyePass, powered by Duo Security, is Ohio State’s method of multi-factor authentication, assisting in keeping our systems safe and helping us stay ahead of security threats. Starting September 20, faculty, staff and students will see the new Duo Universal interface when accessing university systems. Duo Universal offers enhanced security measures and accessibility improvements. 

What is Changing?

Duo Universal will speed up the authentication process for many users by remembering the previous authentication method used and defaulting to that method for future logins. For example, if a user's most recently used authentication method is a Duo Push, a Push notification will be sent automatically. Other changes include: 

  • The “Remember me” checkbox will be replaced by “Yes, trust browser” and “No, do not trust this browser” options that appear after authenticating.
    • Please note: users should only trust browsers on their personal device(s) and/or device(s) assigned to them by the university. Users should never select the “Yes, trust browser” option on shared and/or public computers.
  • SMS passcodes will no longer be sent out in batches of ten; users will only receive one SMS passcode at a time. 
  • All authentication options and devices users have configured for their account can be displayed without logging into the “Register and Manage Devices” page within the BuckeyePass website.

The switch to Duo Universal for university systems will be made on September 20. Users do not need to update their app or take any action before this change. 

Current Duo Prompt 

Current Duo authentication screen

New Duo Universal Prompt

Duo Universal authentication screen

Duo Universal authentication options and devices for your account screen

Current “Remember Me” Option (appears before authentication)

Current Duo authentication screen with remember me checkbox circled

Updated “Trust Browser” Option (appears after authentication)

Duo Universal trust browser option screen

Note: The first time a user authenticates from a specific browser (and each time if they don’t select “Yes, trust browser”), the user will see the trust browser page. On the next authentication after “trust browser” expires (i.e., the next day), one of two things will happen:

1. If the user previously selected Duo Push, text message, or passcode for authentication, they will see a “trust browser” checkbox pre-selected when authenticating (see photo below). Users will not be sent to the secondary pop-up screen with the option to trust the browser.

Duo Universal authentication screen with trust browser checkbox selected

2. If the user previously selected an authentication method like Touch ID or a security key, they won't see the trust browser checkbox option selected on the page. If the user does not want to trust that browser again, they will need to cancel the Duo authentication in progress. This will send users back to the page where they can choose an authentication method. At this point, users can uncheck the trust browser box and then try to log in again.