Network security is always about finding the optimal balance between a secure network environment and convenience. As bad actors continue to proliferate across the internet, we have watched our peers in higher education strengthen their security postures. We must acknowledge the need to follow suit.
Starting on July 1, 2025, we will be disabling the Remember Me feature of Cisco Duo. Once this change is implemented, users will need to complete second factor authentication upon each connection to one of the University’s Single Sign-On (SSO) services. While Remember Me provides simplicity, it also introduces significant risks. For example, if a device with Remember Me enabled becomes compromised, an attacker could gain unfettered access to sensitive data and applications. Additionally, since Remember Me uses internet cookies, those small files can be stolen from your machine and used to access your account. For these reasons and others, cookie-based authentication is being phased out as a security standard.
There are still a variety of options available to authenticate via Cisco Duo. Users seeking a similar “hands-off” experience may be most interested in authenticating via Security Key. Once this physical WebAuthn/FIDO2 key has been purchased, users can enroll their device online. Their identity will be validated on the device whenever the key is connected. For more information about security keys and links to approved models, visit:
As a reminder, the other traditional authentication options are as follows:
DUO Push
If you have the DUO Mobile app installed on your smartphone or tablet, you can receive a push notification. From the app, you can approve or deny the login attempt.
Passcodes via DUO Mobile App
If you have the DUO Mobile app installed, you can receive a single passcode by tapping the FDU logo in the mobile app. This code must be used immediately.
Passcodes via SMS
Users can receive a one-time-use code via text message. To get a one-time code, click Enter Passcode, then click on the blue Text me new codes button. These codes do not expire and are valid until used. You do not need a smartphone for this option.
Passcode via Token (Employees with Departmental Approval Only)
A department can request a physical token that displays a passcode for an employee’s MFA authentication. The department will be charged for the cost of the token and will be responsible for returning the token if/when the employee leaves the University. Tokens can be requested through a SAMI Support ticket.
SAMI Support
If you have any questions or concerns, please visit SAMI Support, where you can request additional information from UTAC or search our extensive IT knowledge base. While SAMISupport provides the quickest and easiest access for IT support, you can always contact UTAC by phone (973)-443-8822 or email at fdutac@fdu.edu.