The University of Miami is transitioning multi-factor authentication (MFA) services from Duo to Microsoft Authenticator in 2025. Microsoft Authenticator is deeply integrated within the broader Microsoft ecosystem, offering a seamless authentication experience across countless applications and platforms.
We encourage University of Miami community members to self-enroll in Microsoft Authenticator. Self-enrollment is open now! Microsoft Authenticator will be used to access all University systems accessed via the UM-branded login page.
Between now and Friday, April 4, IT will begin moving University community members from Duo to Microsoft Authenticator for those who have not yet self-enrolled. Self-enrollment ensures uninterrupted access to University systems—so register TODAY!
Quick LinksNeed help self-enrolling? Our on-campus, IT support points are here for you! From March 4 to April 4, 2025, our IT team will be available at various locations to assist you with enrolling your device in Microsoft Authenticator. Click here to view IT pop-up support desks.
Step 
Download the app.
Download and install the Microsoft Authenticator app* on your mobile device from the Apple App Store and/or Google Play Store. Using the Microsoft Authenticator app, you can easily verify your University of Miami login.
*Make sure you download the official Microsoft Authenticator app by clicking the direct links above.
Step 
Enroll your device(s).
Depending on your mobile device's operating system, follow our enrollment instructions to set up your University of Miami account with Microsoft Authenticator for the first time.
You can enroll up to two devices for MFA services, e.g., a phone and a tablet.
Step 
Start using Microsoft Authenticator, when prompted.
Duo Users Transitioning to Microsoft Authenticator:
Enrollment Guide for Apple (iOS) Users
—
If you are a new University of Miami user who has never had Duo MFA enabled before, follow the enrollment guide below to get started with Microsoft Authenticator:
New Enrollment with Microsoft Authenticator (Non-Duo Users):
Duo Users Transitioning to Microsoft Authenticator:
Enrollment Guide for Android Users
—
If you are a new University of Miami user who has never had Duo MFA enabled before, follow the enrollment guide below to get started with Microsoft Authenticator:
New Enrollment with Microsoft Authenticator (Non-Duo Users):
For instructions on how to manage your University of Miami Microsoft Authenticator account—including adding a new device, deleting a device, and/or changing your default authentication method—review the following tip sheet: How to Manage Your MFA Account/Device(s) If your mobile device is unable to access a Wi-Fi or cellular network, you can still complete the sign-in process by manually generating a verification code from the Microsoft Authenticator App and entering it on the University of Miami's sign-in page. Review the following tip sheet for instructions: How to Manually Generate an MFA Access Code Visit MFA transition on-site support points, across all campuses, where our IT team will be able to assist you with self-enrolling your device in Microsoft Authenticator.Manage Your MFA Account
Add a New Device, Delete a Device, and/or Change Your Default Authentication Method
Using MFA Without Internet or Cell Phone Signal
On-Campus Self-Enrollment Support
Coral Gables Campus
Marine Campus
UHealth/MSOM
With Microsoft Authenticator at the University of Miami, you can use the following authentication methods: the Microsoft Authenticator app* to enter the code provided on the login page, or a physical hardware token to generate a code. *Note: The Microsoft Authenticator app is the recommended option, as it works well over WiFi as well as mobile connections.Available Authentication Methods
Once you've enrolled using the Microsoft Authenticator app, you will enter the number shown on the computer (or mobile) screen in the Microsoft Authenticator app to verify your identity. Full details are included within the enrollment guide.
No one is required to have an MFA token, and most people will not want (or need) a token. Only in special cases (when a phone cannot be used for MFA) should a token be used. (Note: Using a phone (mobile and/or tablet) is the preferred way to use MFA for greater security, having one fewer "thing" to keep track of, battery life, etc.; therefore, only in limited cases will a token be needed or required.) MFA tokens are issued via walk-in centers located on each UM campus*. To be issued a token, a person needs to visit a location and provide identification. In some cases, tokens will also be issued to IT departmental partners who can distribute to their colleagues. If you would like to use an MFA token as your authentication method, please visit one of the convenient locations listed below and an IT specialist will enroll the token in your Microsoft Authenticator account:
An MFA hardware token—or "fob"—is a piece of hardware that is used to authenticate when a person is not using a phone to authenticate on the MFA service. The token is a small, battery-powered device that is usually attached to your keychain. Pressing a button on the token will display a code on the built-in display.Coral Gables Campus
Marine Campus
UHealth/MSOM Campus
Self-enrolling in Microsoft Authenticator ensures a smooth transition to the new MFA service and uninterrupted access to the University of Miami systems you access daily. Microsoft Authenticator not only enhances security, but also simplifies access management for our organization—a crucial aspect of our continued growth. Important note to stay safe: University of Miami community members should not expect any communication via text message and/or phone call to enroll in Microsoft Authenticator. You will only receive requests to enroll in Microsoft Authenticator via email.
Project Overview
All about the transition from Duo to Microsoft Authenticator.
We have analyzed your feedback from a variety of sources, and recognized the opportunity to improve thefunctionality of our multi-factor authentication (MFA) system, Duo. As a result, we are switching MFA services to Microsoft Authenticator.
Multi-factor authentication (MFA) adds a step to the login process and requires you to prove your identity after entering a University of Miami username and password by responding to a prompt to enter a passcode using a mobile device, tablet, or hardware token. MFA is required for all University of Miami users, including students, faculty, and staff. Based on University community feedback, we are transitioning MFA services from Duo to Microsoft Authenticator in 2025. Self-enrolling in Microsoft Authenticator ensures a smooth transition to the new MFA service and uninterrupted access to the University of Miami systems you access.
It's simple—enroll your device(s) in Microsoft Authenticator ASAP!
Make sure you download the official Microsoft Authenticator app on your mobile device from the Apple App Store and/or Google Play Store. The Microsoft Authenticator app is free to use.
When you reach the University-branded login page, enter your University of Miami Login ID* and password. You will then be prompted to authenticate with multi-factor authentication (MFA). *Your Login ID provides unified access to the majority of University of Miami applications and systems, and is sometimes referred to as your User Principal Name (UPN). Your Login ID is usually formatted like your CaneID; however, the Login ID has @miami.edu or @umiami.edu appended to the end of the ID. (The @miami.edu or @umiami.edu at the end of the Login ID indicates that you are associated to the University of Miami organization.) If you don't know your Login ID, visit CaneID Self-Service at caneid.miami.edu and click the "Login ID" banner to view your information. You can use your CaneID to log in and access this information on the CaneID Self-Service page. Your CaneID is your unique identifier within University systems, and you will continue to use your CaneID for a variety of reasons—including when connecting to wireless networks at the University of Miami or systems that do not use the University's branded login screen (palm trees/flying ibis). Keep in mind that some University applications/systems may require a different ID to log in, and will prompt you accordingly.
For instructions on how to manage your University of Miami Microsoft Authenticator account—including adding a new device and deleting a device—review the following tip sheet: How to Manage Your MFA Account/Device(s)
Yes. To change which authentication method you are automatically prompted for, visit it.miami.edu/manage-mfa, log in, and then select "Change." In the pop-up, select your preferred method and then click "Confirm" when complete:
For step-by-step instructions on how to changing your default authentication method with your University of Miami Microsoft Authenticator account, review the following tip sheet: How to Manage Your MFA Account/Device(s)
This is a known issue within the Microsoft Edge browser on Mac (Apple) devices when signed in with your profile and Copilot is enabled; Microsoft is currently working on a fix. (For reference of what the pop-up looks like, see sample below.)
In the meantime, to disable the sign-in pop-up, follow the steps below:
The IT team has discovered an issue with some third-party apps on iPhone iOS 18 devices—e.g., the Workday mobile app—and Microsoft Authenticator. What is happening? Users are experiencing Microsoft Authenticator app time-outs, preventing successful sign-ins to some third-party mobile apps, like the Workday mobile app, when connected to Wi-Fi on an iPhone iOS 18 mobile device. This issue does not occur when using cellular data, and it does not affect access to the Workday site via a desktop computer. What is the workaround? As a temporary workaround, users are advised to turn off Wi-Fi on their mobile phones, complete the sign-in process to your third-party mobile app using cellular data, and then turn Wi-Fi back on once the sign-in to the app is successful. Why is this occurring? The issue is related to the current authentication process, and will be resolved after we move to the latest Microsoft login experience in the coming weeks. This transition will aim to provide a more stable and reliable authentication process and prevent the current issue being experienced by some third-party mobile apps on iPhone iOS 18 devices.
The IT Service Desk is available 24/7 to provide technical support. Contact the IT Service Desk at 305-284-6565 or help@miami.edu.
For technical support—available 24 hours a day, 7 days a week—please contact the IT Service Desk at 305-284-6565 or help@miami.edu.
Technical Support
Need help? We're available 24/7!
Back to Top
