A New, Streamlined NetID and 2FA
Oct. 31, 2025
Image
Now there is just one site to create and manage your university username, password and 2-Factor Authentication (2FA)—netid.arizona.edu.
When the university first implemented Duo for 2FA, it was a nice-to-have add-on to help secure NetID logins. It has since become mandatory at the university, and 2FA is more widespread for other accounts. Rather than an add-on, it is integral.
To help new members of the campus community complete the full journey from NetID creation through 2FA setup, the entire process is now housed at the NetID portal. This helps everyone who already has a NetID remember where to go for updating their account, as well.
Get the most out of Duo for your 2FA
Although all the 2FA options help protect your account, some methods are more secure and convenient than others. Cybercriminals have become even more sophisticated at stealing your information, including your passcodes. Visit the new NetID portal to change your options under Manage Your Account.
Duo Mobile App
The Duo Mobile app is the best choice for ease of use and security. It takes a little more effort to set up, but once it’s done, authentication is just a click of the button on your smart phone or tablet. It works on either WiFi or cellular data. The app is free to download and use, and it is available in the Apple App Store or Google Play.
- If you see a service that requires a passcode, the app can also generate a one-time passcode that will expire, so that a stolen passcode can’t be used.
- If Duo’s risk assessor suspects that a login is from someone other than you, you can use the app to verify that it is you (or deny access, if it isn’t). If you don’t have the mobile app, you will need to call the 24/7 Support Center to assist you with your login.
You can also use the Duo Mobile app as your 2-factor authentication for other popular services like Instagram, Snapchat, Facebook, PayPal, and Amazon. The Duo guide pages have an article explaining how to enroll other services.
Your local IT staff or the 24/7 Support Centerare happy to help you set up the app as your 2-factor authentication for NetID+. In-person assistance is available at Tech Zone locationsaround the Tucson main campus.
Hardware Token
Another option is a small hardware token you can hang on your keychain. There is a small, one-time cost for purchase, and a setup process.
- To authenticate with the Yubikey 5 device, simply plug it in to the USB port of the device you are logging into and press the button. (Purchase the device that meets your needs—USB-A, USB-C, NFC or Lightning.)
- The Feitan OTP c100 device is a fob you can hang on your keychain that generates a 6-digit passcode for you to enter when you press the button. That passcode will expire the next time you press the button. The Feitan is conveniently available at the Campus Store.
Again, your local IT or the 24/7 can assist with hardware token setup.
By-Pass Codes
When you log into the NetID portal, you can print one-time bypass codes. It’s a good idea to print a set and keep them in your wallet in case you forget to charge your phone or otherwise lose access to your usual authentication method. Once a bypass code is used, it expires.
SMS Text
SMS text is an option for your cell or smartphone. This sends you a 6-digit passcode that you then need to type in to authenticate. Duo does charge a small amount to the university every time you authenticate with text. Phone callis a previously available option. It was discontinued in early 2021 for new NetID+ accounts because it is the least secure option and incurs a higher cost to the university compared to SMS text.
Are you using the easiest, most secure option? Visit the NetID portal at netid.arizona.edu to check on your 2FA options, update them, and/or print a set of bypass codes. The 24/7 Support Center can advise you and help you if you want to change your current option.
No matter what 2FA method you choose, using it wisely is also key to protecting your account. If you get a Duo prompt when you are not logging into a university service or account, do not approve the login. Some cybercriminals will spam you with prompts to try to get you to give up and approve it. If you are unsure about an approval request you’ve received, contact the 24/7 Support Center.