Microsoft multi-factor authentication to replace Duo Mobile

In January 2026, Purdue will adopt Microsoft multi-factor authentication (MFA) for all university accounts systemwide. This will simplify the MFA process for all users and eliminate the need for Duo Mobile. All users will be required to enroll with Microsoft MFA to access Purdue applications including email and those protected by Purdue Single-Sign-On (SSO) such as SuccessFactors, Brightspace, myPurdue, etc.

No action is required for users already enrolled in Microsoft MFA with their username@purdue.edu account. 

View FAQs here.

What changes for me?

  • Users will notice a change in the SSO login screen. (Example below)
  • All users will need to authenticate to Purdue services with their “username@purdue.edu” and password.
  • Users will be required to use Microsoft MFA to authenticate. This will affect applications utilizing Purdue SSO as well as the VPN. Supported methods for Microsoft MFA include the Microsoft Authenticator application (default and preferred method), SMS codes, phone calls and physical hardware tokens. Purdue IT recommends users set up at least two MFA methods (ex: Microsoft Authenticator app and SMS Codes). To add an additional authentication method, see: How to change Microsoft MFA authentication methods.
  • Most users should already be enrolled in Microsoft MFA to access applications such as Outlook, Teams, OneDrive, and Office 365.

New SSO screen shot

What are the benefits of this change?

  • Simplified user experience: Users will only need to manage a single MFA method and device.
  • Enhanced security posture: Aligning with Microsoft MFA ensures a unified and modern authentication platform across all Purdue systems.
  • Cost savings: Eliminating Duo reduces licensing and support costs.

Using hardware tokens with Microsoft MFA

Hardware tokens used with Duo are not compatible with Microsoft MFA. The preferred and most cost-effective method is to leverage the Authenticator app. Additional information, including how to purchase new tokens, will be emailed to current hardware token users in the coming weeks. Please note that these tokens will need to be purchased by you personally or through your Business Office.

Actions required before January 2026

  • Confirm enrollment in Microsoft MFA before leaving for winter break in December.
  • If necessary, purchase Microsoft MFA-compatible hardware token.

Resources: