Device Overview and Recommendations


cell phone

landline phone



Enroll Enroll Enroll Enroll Enroll
Push Notification
via Duo Mobile App
checkmark for smartphone checkmark for tablet
Text Message (SMS) checkmark for smartphone checkmark for cell phone
Phone Call checkmark for smartphone checkmark for cellphone checkmark for landline
Passcodes checkmark for smartphone checkmark for tablet checkmark for token

Device Options

  • Smartphone: The most flexible and versatile option. Using a smartphone with the Duo Mobile app,  lets you MFA four different ways. You can receive:
    1. Duo Push - an automatic notification is sent to your phone
    2. Text Message (SMS) - passcodes are sent in a batch of ten, via SMS text
    3. Phone calls - your phone is automatically called
    4. Passcodes the app automatically generates a passcode
  • No cell reception or WiFi? Duo passcodes always work, even without cell phone service. If the Duo Mobile App is installed on a smartphone or tablet, a single passcode is retrieved by tapping the downward arrow next to the account labeled "UC Santa Cruz" in the mobile app.
  • Cell Phone: Simple and convenient. Can be called as a phone or used as an text code (SMS) passcode generator.
  • Landline: A telephone call to any landline phone will prompt approval or denial of the authentication attempt. Any touch tone enabled phone is eligible to be enrolled.
  • Tablet: Enroll your tablet and receive Duo push notifications and passcodes to MFA through the Duo Mobile app.
  • Token: Don’t want to use a personal device? Traveling through remote areas without service? These university provided key fobs are small and lightweight and can easily attach to your keychain. The token will generate a passcode that will allow you to access Gold password systems.  Tokens can be obtained by contacting the  ITS Support Center.
  • YubiKey: Already have your own token? If you’re prepared to do a little extra legwork and program your own YubiKey, follow the ITS self-service guide to enroll.  

Authentications & Recommendations

If you are looking for which two-factor authentication method is best for you, it depends on what you value most. Regardless of which method you choose, it is highly recommended that you have multiple devices tied to your account.

DUO Mobile App

The Duo mobile app on your smartphone or tablet is the recommended option. Passcodes are generated easily within the app, even without service. If you have an Android phone, you can opt to have an email activation link sent to you instead of granting the application permission to use the camera for added privacy. Learn how to authenticate with DUO.


Tokens are a good choice for those traveling overseas. The button on the token provides a passcode for you to log in. The only downside is pressing the button repeatedly generates unused authentication codes and risks your token becoming out of sync and unusable. More information how to resync your token can be found in our FAQ. Battery life on these tokens should last a minimum of two years. Tokens can be obtained by contacting the ITS Support Center.

Phone Calls and SMS Text Messages

Phone calls and SMS text messages are quick, easy, but not the most secure. SMS messages can be easily intercepted or redirected when traveling and can fail with bad reception. Authenticating through a landline at work is better, but not very mobile friendly.

It is recommended that you enroll at least two devices to use with MFA. The more devices you have enrolled, the less likely you are to get locked out of your account.