Two-factor authentication (2FA) is an additional security measure that requires a pre-registered device, such as a mobile phone, to confirm your identity when you sign in to a University resource. This added layer of protection helps to prevent cybercriminals from accessing your account, even if they obtain your password. At Harvard University, we use Duo to make the 2FA process efficient and convenient. In addition to protecting email and Dropbox, 2FA also ensures that all applications in the Microsoft 365 suite, such as OneDrive and SharePoint, are secure against unauthorized access. It also helps to prevent attackers from installing malicious applications on our systems.

Set up two-factor authentication for your HMS account

Note – You must set up the Duo mobile app for use with the Harvard Medical School Virtual Private Network (VPN) and your Office 365 email account. If you have already set up Duo for your HarvardKey, you will see HMS listed as a separate entry in the app.