Skip to main content

Dear Coyote Community,

USD is witnessing an increase in cybercrime as cyber-criminals are using the fear of the COVID-19 pandemic to trick students into giving away their passwords or installing ransomware. USD is committed to preventing these cyber-attacks through the university’s Duo MFA security software.

If you haven’t already enrolled in Duo to protect your university account, follow the instructions in our knowledgebase at to sign up for Duo MFA. Enrolling in Duo is the most effective way to protect your university account from cyber-criminals.

Why do I need Duo?

The risk from cyber-attack has increased, because cyber-criminals use fear and uncertainty as weapons against us. They use stolen IDs and passwords to log into your account from countries around the world. Once they log into your account, they can wreak havoc such as:

  • Send emails to your family and friends scamming them out of money
  • Spread ransomware to everyone you know
  • Steal your financial aid or tax refunds
  • Use your name to scam people around the world

What can you do?

Every USD student can enroll in multifactor authentication (MFA) today to protect their university account. All new students at USD are already enrolled, but if you received your university account before June 2019 then you may not have enrolled in MFA. If you haven’t done so already, visit and follow the instructions to enroll.

What is MFA?

Cyber-criminals are very good at stealing your password without you knowing it. MFA protects your account by requiring a second authentication after typing your password, so a cyber-criminal can’t log into your account by simply stealing your password. MFA is the single most effective way to protect your account from password theft.

How does MFA work?

MFA happens after you enter your username and password successfully. Typically, you will receive a “Push” to the Duo Mobile App on your smartphone. Once you approve the “Push,” you are logged into the university. Pro Tip: There is a checkbox in the web browser saying “Remember me for 30 days.” Select that checkbox before you “Push,” and you won’t see the MFA prompt every time you login.

Why is the risk higher now?

You may have heard that cyber-criminals are using the fear of the COVID-19 pandemic and economic turbulence to fuel their phishing campaigns and scams. In many cases, COVID-19 is leading our university students to use unfamiliar technology to complete their coursework. The cyber-criminals know this, and they take advantage of that situation to trick students into giving away their passwords or installing ransomware.