Know Your Login Security Options
Get the most out of Duo for your NetID+ authentications

Just like your bank, credit card and medical portals, the University of Arizona requires 2-factor authentication to keep your NetID account secure. You don’t want bad actors stealing your personal or financial information, or accessing your university resources and data.
The U of A 2-factor authentication for NetID logins is NetID+. Although all the NetID+ options help protect your account, some methods are more secure and convenient than others. Cybercriminals have become even more sophisticated at stealing your information, including your passcodes.
Duo Mobile App
The Duo Mobile app is the best choice for ease of use and security. It takes a little more effort to set up, but once it’s done, authentication is just a click of the button on your smart phone or tablet. It works on either WiFi or cellular data. The app is free to download and use, and it is available in the Apple App Store or Google Play.
- If you see a service that requires a passcode, the app can also generate a one-time passcode that will expire, so that a stolen passcode can’t be used.
- If Duo’s risk assessor suspects that a login is from someone other than you, you can use the app to verify that it is you (or deny access, if it isn’t). If you don’t have the mobile app, you will need to call the 24/7 Support Center to assist you with your login.
You can also use the Duo Mobile app as your 2-factor authentication for other popular services like Instagram, Snapchat, Facebook, PayPal, and Amazon. The Duo guide pages have an article explaining how to enroll.
Your local IT staff or the 24/7 Support Center are happy to help you set up the app as your 2-factor authentication for NetID+. In-person assistance is available at Tech Zone locations around the Tucson main campus.
Hardware Token
Another option is a small hardware token you can hang on your keychain. There is a small, one-time cost for purchase, and a setup process.
- To authenticate with the Yubikey 5 device, simply plug it in to the USB port of the device you are logging into and press the button. (Purchase the device that meets your needs— USB-A, USB-C, NFC or Lightning.)
- The Feitan OTP c100 device is a fob you can hang on your keychain that generates a 6-digit passcode for you to enter when you press the button. That passcode will expire the next time you press the button. The Feitan is conveniently available at the Campus Store.
Again, your local IT or the 24/7 can assist with hardware token setup.
By-Pass Codes
When you log into the NetID+ portal, you can print one-time bypass codes. It’s a good idea to print a set and keep them in your wallet in case you forget to charge your phone or otherwise lose access to your usual authentication method. Once a bypass code is used, it expires.
SMS Text
SMS text is an option for your cell or smartphone. This sends you a 6-digit passcode that you then need to type in to authenticate. Duo does charge a small amount to the university every time you authenticate with text. Phone call is a previously available option. It was discontinued in early 2021 for new NetID+ accounts because it is the least secure option and incurs a higher cost to the university compared to SMS text.
Did you pick the easiest, most secure option? Visit the NetID+ portal at netidplus.arizona.edu to check on your options, update them, and/or print a set of bypass codes. The 24/7 IT Support Center can advise you and help you if you want to change your current option.
No matter what NetID+ method you choose, using it wisely is also key to protecting your account. If you get a Duo prompt when you are not logging into a university service or account, do not approve the login. Some cybercriminals will spam you with prompts to try to get you to give up and approve it. If you are unsure about an approval request you’ve received, contact the 24/7 Support Center.