Skip to content Skip to site navigation Skip to service navigation

Login and Two-Step Authentication FAQ

Logging in

I forgot my password. How can I log in?
Go to the Stanford University Accounts webpage and click the Forgot password? button, then follow the steps to reset your password.
What is the status of SPNEGO?
SPNEGO via web single sign-on is no longer supported. When login changed on March 30, 2018, the Identity and Access Management team wanted to simplify login options. Because there are very few active daily users of SPNEGO, the team removed the Advanced Settings option from the new Stanford Login page. This change reduced confusion among the majority of users who do not use SPNEGO.

Using two-step authentication devices and methods

What is the recommended two-step authentication method?
If you can authenticate with a smartphone or tablet, Duo Push is the recommended method; it is quick, simple, and secure. 
How can I use two-step authentication without a smartphone?
Authentication with a security key or hardware token does not require an internet connection, cellular connection, or separate device. A security key can be ordered and self-enrolled by following these instructions. Tokens are available from the Stanford ID Card office.

You can also authenticate by a  call to a mobile phone or a call to a landline.

My device does not have an internet or cellular connection when I travel. How can I use two-step authentication?
You can authenticate with the Duo Mobile app passcode, which requires a device but does not require an internet or cellular connection.
My default two-step authentication device has changed. How do I reset it?

The new prompt does not offer a way to configure a default authentication device (see "Universal Prompt" on the Duo support webpage).  Therefore, you can no longer set a default authentication method by navigating to accounts.stanford.edu and selecting the "Two-Step" tab.

Instead, you will always be prompted for your last-used authentication method.  If you select an option and authenticate with it, you will automatically be prompted with it until you authenticate with a different method. To choose a different authentication method from what is initially provided in the prompt, select “Other options." 

How do I change my default two-step authentication device?

The new prompt does not offer a way to configure a default authentication device (see "Universal Prompt" on the Duo support webpage).  Therefore, you can no longer set a default authentication method by navigating to accounts.stanford.edu and selecting the "Two-Step" tab.

Instead, you will always be prompted for your last-used authentication method.  If you select an option and authenticate with it, you will automatically be prompted with it until you authenticate with a different method. To choose a different authentication method from what is initially provided in the prompt, select “Other options." 

How can I get a security key for two-step authentication?
Purchase your choice of Yubikey and self-enroll it as a security key.
How can I get a hardware token for two-step authentication?
Hardware tokens are available from the Stanford ID Card office.
Can I use a printed list to authenticate?
You can no longer request a printed list for two-step authentication.

If you use a printed list for two-step authentication, choose one of these simple and reliable alternatives:

Can I use SMS (text message) to authenticate?
University IT does not recommend using SMS for two-step authentication, because the National Institute of Standards and Technology (NIST) has reported that SMS authentication is less secure than other two-step authentication options. If you authenticate using SMS, consider changing to Duo Push. This recommended method is quick, simple, and secure. You can review other ways to authenticate on the Two-Step Authentication website.

Troubleshooting two-step authentication

I lost my two-step authentication device and don't have access to a backup device. How can I use two-step authentication?
You can generate a one-time bypass code on the Stanford University Accounts webpage using your University ID card and the answer to your password reset question.
I'm setting up a two-step authentication device but I want to cancel the setup. How do I cancel it?
It is a known Duo bug that there is no option to cancel the device setup process. We have reported this to Duo. As a workaround,  you can close the browser window and navigate back to the site to stop the setup process.
Why was I asked to do two-step authentication twice?
Because your application is on the legacy infrastructure, it is asking for a reauthentication. Learn how to fix or work around this issue.
My two-step authentication content does not load. What should I do?
If the two-step authentication content does not load, try disabling your ad blocker or third-party browser extensions.
My browser does not auto-fill the login address. What should I do?
If your browser doesn't auto-fill, it may be because you use a password manager. Login.stanford.edu uses a new URL so you need to re-enter your username and password in the password manager.
Last modified October 26, 2022