Two-factor authentication keeps an individual’s account secure even if their password is compromised. It requires two proofs of identity when logging in:

1. Something you know, such as your U-M (Level-1) password.
2. Something you have, such as a mobile app or hardware token.

Turning on two-factor for Weblogin helps protect your direct deposit information and W2s. It is also used for:

• Electronic Prescription of Controlled Substances (EPCS)
• Remote access (VPN) service
• Outlook on the web
• Other services as security assessments dictate

• Enroll in Duo
• Use Duo with VPN, Intelligent Hub, or EPCS