Students walking on campus

MFA

UCr Gold Line

Verify Your Identity with the UCR Authentication Application

Multi-factor authentication (MFA), sometimes referred to as two-step verification, has become commonplace in banking, healthcare, and education because it adds an extra layer of protection against bad actors looking to steal your sensitive information. Any time someone tries to access a secure campus resource, UCR requires the individual to verify their identity via MFA to help ensure access is being granted appropriately. The individual can then quickly and easily confirm their identity via their mobile phone or tablet using Duo, UCR’s authentication application.  

UCr Gold Line

Upgraded Authentication Options Coming to Duo Mobile

To further bolster campus security and help ensure access is being granted appropriately, UCR will upgrade the Duo MFA process to offer a new suite of authentication options. In February 2025, Highlanders will be asked to use Duo verified push to authenticate, which requires entering a unique code in the Duo mobile app when prompted upon logging into a secure UCR resource. However, other configurable authentication options will include biometrics, which use the device’s touch or face ID functionality to verify identity.  

Currently, options to verify identity upon login include the ability to receive a phone call or an SMS text message with a one-time code. Both of these less secure and costly forms of authentication will be retired with the launch of Duo verified push. Along with verified push, new authentication options available in the Duo app will include the enablement of device biometrics, such as face ID, to verify identity. These enhancements require all Highlanders to have a personal device that is not only registered with their UCR account but also uses the official Duo mobile app. Folks with accessibility concerns are asked to contact ITS BearHelp to obtain an alternate authentication option.
 

UCr Gold Line

MFA For All Email

On December 2, 2024, UCR will enforce MFA on all campus and health email accounts, including both individual and ORG email accounts. Identity verification via MFA means that every time a Highlanders logs into email and other secure UCR resources, they are will be required to authenticate their login with a registered personal device.

Details of the change and its impact, as well as additional instructions and action items, are included in ITS’ direct email communications to all affected Highlanders.

Security Outcomes Addressed

“Deploy and configure multi-factor authentication (MFA) on 100% of campus and health email systems.”

UCr Gold Line

Frequently Asked Questions

UCr Gold Line

Learn About UCR's Response to the UC Cybersecurity Mandate

Let us help you with your search