Skip to content Skip to site navigation Skip to service navigation

Changes to the Login and Two-Step Authentication Experience

With the implementation of the Duo Universal Prompt on Oct. 25, all legacy printed lists have been deprecated and can no longer be used. Please use Duo Push or another authentication option.


As part of an improved and simplified Cardinal Key experience, we are introducing a new browser experience for two-step authentication.

  • You’ll see a few screen changes, but everything will work much the same as now and will stay just as easy to use.
  • The core functionality of Duo Mobile isn’t changing. You’ll still be able to receive a Duo push and do anything the current version of the app does.
  • With the new screens, you'll see a changed URL in the address bar.  Currently, when you need to verify, the prompt displays within the Stanford login webpage with a URL. After the update, you’ll be directed to a webpage hosted with a URL. 
  • With the change, you'll always be prompted for your last-used authentication method and can no longer set a default method.

Changes to the login experience

  1. If you use Cardinal Key, the Stanford login screen you’re familiar with will be replaced by a “Select a certificate” pop-up when it's time to authenticate. If you see the pop-up shown below, simply select OK. This pop-up prompt replaces the Stanford login screen.
    Note: Those who are not yet using Cardinal Key will continue to enter a SUNet ID and password on the Stanford login screen, as usual.
  2. For websites and applications that require two-step authentication, you’ll see a revised browser-based prompt to verify your two-step authentication.
    Note: Instead of showing the Duo prompt within a page hosted by the application [], the link will now redirect to a page hosted by Duo at [] to show the Duo prompt and then redirect back to the protected application after completing the two-factor authentication.
    1. When prompted for Two-Step Authentication, you will always be offered your last-used authentication method. If you choose Push as an authentication method, a login request will be sent to your device. 
    2. To choose a different authentication method from what is provided initially in the prompt, you can select Other options to choose one of the other options that may be available to you.
  3. Your next steps are the same as before. Open the Duo Mobile app on your device. You may see a message saying that you have a request waiting, displayed at the top of your screen. Tap the message.
  4. Tap Approve to authenticate. If you get a request you were not expecting, tap Deny.
  5. Once you have authenticated, you might see a screen that asks if you want to trust the browser. You’ll have the option to select “Yes, trust browser.” This takes the place of the “Remember Me” screen. 
    1. If you click Yes, trust browser the browser will automatically remember you, and you will not be prompted to authenticate for that application or service for the next 90 days.
    2. If you select No, do not trust this browser, you will still authenticate and continue onto your desired site; however, you will be prompted to re-authenticate each time you log into an application on that browser. 
    3. Remember, public or shared computers shouldn’t be saved as trusted browsers.

Changes to devices & settings

The new prompt does not offer a way to configure a default authentication device (see "Universal Prompt" on the Duo support webpage).  Therefore, you can no longer set a default authentication method by navigating to and selecting the "Two-Step" tab.

Instead, you will always be prompted for your last-used authentication method.  If you select an option and authenticate with it, you will automatically be prompted with it until you authenticate with a different method. To choose a different authentication method from what is initially provided in the prompt, select “Other options." 

Learn more

Duo Mobile is one of the multi-factor authentication tools Stanford uses to keep our systems safe and secure. To learn more about your two-step authentication options, visit the Two-Step Authentication website.

Get help

If you have questions or need assistance with the new interface, please submit a Help request.

Last modified May 8, 2023