Accessibility statement

Making the VPN and Virtual Desktop more secure

Posted on 1 June 2020

As we have previously announced, we have been investigating two-factor authentication (2FA), an added layer of security which will help us to keep your information and our network more secure.

  • Making IT more secure

Following a successful pilot of Duo two-factor authentication on the VPN within the Department of Biology and IT Services, we’re rolling out this protection to all members of the University across both the Virtual Private Network (VPN) and Virtual Desktop (VDS) services:

From Tuesday 23 June onwards if you log in to the VPN, you’ll need to use Duo 2FA.

From Tuesday 30 June onwards if you log in to the VDS, you’ll need to use Duo 2FA.

Update: Due to technical issues we've had to delay our planned rollout of Duo two-factor authentication on the VDS. We'll announce a new launch date as soon as we can.

Registering for Duo 2FA

We recommend that if you use these services, or might use them in the future, you should register for Duo 2FA now in preparation for the change later this month. It’s quick and easy to register - log in to the site using your University username and password, then follow the instructions:

More information on registering and using Duo can be found on our website:

  • Duo two-factor authentication

If you have already registered for Duo 2FA (for example, if you were involved in the pilot phase) then you’re all set - there is no need to register again.

If you’re a member of staff and you do not wish to register a mobile phone or tablet with Duo, please contact itsupport@york.ac.uk to discuss this. We can provide a free hardware token (a small key fob with a digital display) for you to use but, for security and ease of use, we strongly recommend using the Duo Mobile app.

Piloting Duo 2FA with the VDS

We need as many people as possible to start testing Duo with the VDS in order to provide us with feedback. Your feedback will directly improve the service for everyone. It will also ensure you don't have any issues when the changes go live.

Please consider registering for Duo today and testing it with the VDS following the instructions below.

Instructions for VDS pilot

First, register for Duo following the steps above.

Once registered you can test using the VDS with Duo 2FA by going to https://workspace2fa.york.ac.uk/

After entering your University username and password as normal, a pop-up box will appear like the one below.

The Virtual Desktop prompting for One Time Passcode/OTP after a username and password was entered.

In the OTP box:

  • If you are using push notifications with the Duo Mobile app (this is the default that most people will use), enter the word 'push' and click OK - you will then receive a notification from the Duo Mobile app to confirm the login.
  • If you are using SMS or a hard token to receive a Duo authentication code, enter an authentication code and click OK.
    • If you have already used all the passcodes that were sent to you by SMS and need a new batch, enter the word 'SMS' and click OK - you will receive a new batch of codes by SMS text message shortly.

After that you will be redirected to the normal list of virtual desktop options. Apart from the additional pop up box during the login process there are no other changes to the virtual desktop experience.

Please contact the IT Support team to provide feedback and report any issues: