Device Overview and Recommendations

Enroll Enroll Enroll Enroll Enroll
Push Notification
via Duo Mobile App
image image
Text Code (SMS) image image
Phone Call image image image
Passcodes image image image

Device Options

  • Smartphone: The most flexible and versatile option. Using a smartphone lets you MFA four different ways, text code (SMS), Duo Push, Duo Passcode, and phone callsNo cell reception or WiFi? Duo passcodes always work, even without cell phone service. If the Duo Mobile App is installed on a smartphone or tablet, a single passcode is retrieved by tapping the key image next to "UC Santa Cruz" in the mobile app.
  • Cell Phone: Simple and convenient. Can be used as an text code (SMS) backup code generator.
  • Landline: A telephone call to any landline phone will prompt approval or denial of the authentication attempt. Any touch tone enabled phone is eligible to be enrolled.
  • Tablet: Enroll your tablet and receive Duo push notifications and passcodes to MFA through the Duo Mobile app.
  • Token: Don’t want to use a personal device? Traveling through remote areas without service? These university provided key fobs are small and lightweight and can easily attach to your keychain. The token will generate a passcode that will allow you to access Gold password systems. Tokens can be obtained by contacting the ITS Support Center or by attending any of our enrollment training sessions.
  • YubiKey: Already have your own token? If you’re prepared to do a little extra legwork and program your own YubiKey, follow the ITS self-service guide to enroll.  


If you are looking for which two-factor authentication method is best for you, it depends on what you value most. Regardless of which method you choose, it is highly recommended that you have multiple devices tied to your account.

DUO Mobile App

The Duo mobile app on your smartphone or tablet is the recommended option. Passcodes are generated easily within the app, even without service. If you have an Android phone, you can opt to have an email activation link sent to you instead of granting the application permission to use the camera for added privacy. Learn how to athenticate with DUO.


The Token is a good choice for those traveling overseas. The button on the token provides a passcode for you to log in. The only downside is pressing the button repeatedly generates unused authentication codes and risks your token becoming out of sync and unusable. Battery life on these tokens should last a minimum of two years. There is also a cost associated with using tokens. Tokens can be obtained by contacting the ITS Support Center or by attending any of our enrollment training sessions.

Phone Calls and SMS Messages

Phone calls and SMS messages are quick, easy, but not the most secure. SMS messages can be easily intercepted or redirected when traveling and can fail with bad reception. Authenticating through a landline at work is better, but not very mobile friendly.

It is recommended that you enroll at least two devices to use with MFA. The more devices you have enrolled, the less likely you are to get locked out of your account.