MFA Transition - Duo to Authenticator

Overview

As part of our Identity and Access Management modernization efforts, Villanova is transitioning our multi-factor authentication (MFA) solution from Duo to Microsoft Authenticator. 

What is MFA?

MFA provides an additional layer of security for Villanova’s applications and services by requiring you to provide a second form of identity verification on top of your username and password. This helps to prevent unauthorized account access, even when a password has been compromised.

The transition to Microsoft Authenticator delivers on our ongoing commitment to simplify account access while strengthening protections for the University’s digital environment. 

Features and Benefits

  • Stronger Protections: Enhanced safeguards against phishing and other emerging threats.
  • Simplified Login Experience: Seamless authentication experience across Villanova single sign-on (SSO)-enabled applications and platforms.
  • Improved Service and Support: Fewer points of failure, more reliable service, and faster resolution when issues do arise.
  • Cost Optimization: Savings for the University on licensing and supporting infrastructure for multiple solutions.
  • Future-Ready Capabilities: Ability to introduce passwordless authentication features like logging in with phone approval or fingerprint/FaceID.

Timeline

  • Pilot Testing (May - June 2026): Early adopters in University Technology Services have begun using Microsoft Authenticator to help identify issues prior to a full campus rollout. 

  • Rolling Transition Period (June - August 2026): Villanova users will be grouped into cohorts and assigned a specific date for their transition from Duo to Authenticator. Each group will receive targeted communication outlining the expected impact and necessary enrollment actions. You are encouraged to enroll your Villanova Account in Microsoft Authenticator ahead of your transition date for a smoother experience.

  • Duo Disablement (August 2026): We will begin disabling Duo in mid-August, prior to the start of the Fall 2026 semester. All future Villanova users will directly enroll in Microsoft Authenticator as the required MFA solution.
     

Project Team

Executive Sponsor

  • Tej Patel, Vice President of Information Technologies and Chief Information Officer

Project Steering Committee

  • Leonard Nelson, Assistant Vice President and Chief Information Security Officer

Project Management and Change Management

  • Richard Forcey, Multimedia Production Specialist

  • Nicole Gostkowski, Senior Enterprise Project Manager
  • Will Marsh, Assistant Director, Digital Experience and Learning
  • Christine Stackhouse, Information Security Awareness Educator

Project Operational Team

  • Kevin Dietzler, Manager, Application Development & Identity Management

  • William PohlhausLead Applications Programmer

Frequently Asked Questions

Villanova’s single sign-on (SSO) login interface and MFA application are changing. 

When you are prompted to log in via Villanova’s SSO, the screen will update to Microsoft’s modern sign-in page. This unified login screen will be used not only for Microsoft 365 services but also for our other services with SSO enabled.   

Instead of seeing a Duo prompt after entering your Villanova username and password, you will see a Microsoft prompt. You will approve the sign-in request using the Microsoft Authenticator application on your mobile device (or another method, such as a hardware token).  

Villanova will transition users from Duo to Microsoft Authenticator in rolling cohorts throughout the summer.  We recommend keeping the Duo Mobile app on your devices until Villanova announces that the full campus transition has been successfully completed. At that point, you can delete the app unless you use Duo as MFA for other personal accounts. 

If you have not enrolled in Microsoft Authenticator by the transition deadline for your cohort, you will be prompted to do so at your next login attempt before you can proceed. We strongly recommend completing the setup well in advance of the deadline to avoid disruptions to your experience. 

To best protect our community and our University, we are discontinuing the use of codes via SMS (text message) and telephony (phone calls) as an authenticator factor. Both the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have advised against using SMS/telephony, as they are highly prone to compromise through methods such as SIM swapping, social engineering, and man-in-the-middle attacks. The Microsoft Authenticator app provides a more secure, resilient mode of authentication via number matching

We understand not everyone has, or wants to use, a smartphone or tablet. While the Microsoft Authenticator mobile app is recommended for the best convenience and security, Villanova does offer the alternative of using a hardware security key. Please submit a ticket through the Support Portal about using this alternative as early as possible before your transition date to avoid disruptions to your experience.

Microsoft Authenticator is built to manage multiple accounts. You will simply add your Villanova Account to your existing Microsoft Authenticator app, and it will appear as a new entry. The app interface might look slightly different when approving Villanova MFA requests, for example, by showing the Villanova logo. However, the process of tapping “Approve” or entering a code remains the same.