NetID+ FAQs

Jump to…

NetID+ General

2-factor authentication is a method of securing access to online resources (Web Applications, VPN, Servers, etc.) Using two independent authentication steps: What the user knows (password) and what the user has (security token). If the first factor is compromised, an attacker still has to gain physical access to the second factor in order to access the target resource.
Authenticating to any web application via Central Authentication System (CAS) using your NetID/Password credentials in combination with the Duo Security authentication codes is NetID+.
Duo Security is a cloud provider for 2-Factor authentication codes .
NetID+ Protected Service are those  web applications that require users to use NetID+ authentication method.  For example, a financial application.
Only NetID+ Protected services require 2-Factor authentication . However, you can enable 2-Factor authentication with Duo security for ALL CAS protected applications you access. For your security , you are automatically enrolled in Global NetID+ when you enroll in 2-factor authentication for the first time.
You are strongly encouraged to enroll more than one device such as smartphone, landline or tablet to avoid difficulties authenticating with your NetID+ if your primary device is not available.
If your password is compromised , an attacker can use your account to access online resources and data. The attacker could be stopped if challenged with a second level of protection using 2-factor authentication method.

NetID+ Usage

Any active Rutgers employees. It is also available for Rutgers’ Guests.
Use your device’s app store for Duo Mobile application download.  Please see instructions .
You don’t have to. But it is recommended if you frequently use “Send me a Push” option for authenticating using DUO. Also, you will immediately know if someone other than you is trying to login using your credentials, in which case you can report a fraud.
Yes. You will need it to scan the activation code while activating your device for DUO via NetID Management Application. duo_scan1
After you sign up for NetID+ , when you access any CAS protected web application, you will complete the first authentication step by entering your Rutgers NetID and password in the CAS login page. You will then be prompted to complete the second step using any of the available authentication methods. Watch the video netidplus
If you use your NetID+ , you will be notified via one of the authentication methods provided by Duo Security. You can either approve the request or report it as fraud with a click of a button. fruad   If you use “Call Me” feature pressing the “0” key will  reject the authentication request  and will report it as fraud.
iPhone, iPad, Android devices, Blackberry devices, Windows phone, Cell phones, Landlines, and Hardware Tokens. See Supported Device for additional Information.
You can use any of the following authentication methods: Duo Authentication Methods Please see instructions  for each authentication method. 
Duo Mobile passcodes:  These are one time-use passcodes generated by the Duo Mobile application.  They can be generated by tapping the key button. You can use this code as your NetID+ authentication to all services.
SMS passcodes:   These are sent to your device via SMS text message.   When you request these codes, you will receive 10 codes.  SMS codes are single-use and must be used in the order in which they are listed.
Bypass codes: These are generated from the Duo Administration Service.   Rutgers Help Desk can provide these codes based on needs.  Once provided to you, you may print and save them in a secure location . Each Bypass code is good for a single use for a specific duration set by Help Desk. You can use these codes to authenticate with your NetID+ to all services .
When you request NetID+ authentication,  your Duo Mobile application will alert you of an authentication request .   You either Approve or Deny the request .   See more instruction.
It is your choice. Please note that push method requires that you have a network connection on your smartphone/tablet. Your smartphone/tablet will need a Wi-Fi or data plan for the push to work. In case, you do not have a network connection, please use passcode to authenticate.
Duo supports any OATH HOTP-compatible tokens  as well as YubiKey  USB tokens.
OATH HOTP-compatible tokens will be supported by OIT central service . Yubikey USB tokens will be considered in the near future.
Duo hardware token have an expected battery lifetime of 2 years.
To request a hardware token, please visit the Rutgers Software Portal.   
Your delivery options are Campus Mail, USPS or Pickup (location is in Piscataway, NJ).  Once your order is processed you will  be notified that you order has been shipped or is ready for pick up.

If you are PICKING UP , please note the address and office hours information below :  

Location : Administrative Services Building – Annex II Busch Campus 58 Bevier Rd. Piscataway, NJ 08854
 Note:  Newark and Camden  pick up locations are only available  in urgent matters  , please call  the EAS IdM Access Management Help Desk for assistance (848) 445-7544 . 
Office Hours: Monday thru Friday 9:00am to 4:30pm .  Closed for lunch from 12pm to 1pm
Please tell the front desk you are picking up software. Make sure to bring your RUID or Driver’s License for identification purposes.
The Guest's sponsor can order a hardware token for their guests.
No, current SafeNet or RSA tokens are not compatible with NetID+.
When NetID+ authentication is requested, you will receive a phone call and you will have the option to either accept authentication by pressing “1” on your keypad. If you would like to decline, you can press “0” . You can use Phone Callback with any landline or any phone you have registered.
You can enroll by logging into  NetID  Management Applicaton  and opt-in for Global NetID+. You can always opt-out at any time if you are not required to use any NetID+ protected service. See Instructions. Note:   NetID+ protected services will continue to request 2-Factor authentication even if  you  opt-out.
You simply need to register any secondary device.
You are strongly encouraged to enroll more than one device such as a smartphone and tablet to avoid difficulties authenticating with your NetID+ if your primary device is not available. You can use any of the devices you registered with your NetID+.
Yes,  you can use either the “Call Me” authentication method available for non-smart phone (see instructions)   or SMS passcodes (See instructions)  .  Please note that these methods are the least cost effective methods and are not recommended if you can use other authentication methods.
SMS text messages and voice calls authentications  made to your  mobile phone  are billed by  your carrier in the same way that any other text message or call would.  Rutgers will not reimburse you for these charges.
When you login with your NetID+ you  may select the "Remember me for 30 days" option.  This option means that after you authenticate via NetID+ only once, you will be able  to access CAS  protected web applications without having to authenticate again through  2-factor authentication  for 30 days.  You are still required to authenticate with your NetID and Password  and your remembered device acts as a second factor. Please note that "Remember me for 30 days" feature is a browser specific and not shared between different browsers. For example if you login with EI  today  and use Firefox browser later  , it will ask you to authenticate again with NetID+. See also troubleshooting if you experience any issues with this feature. rememberme
Not really .   2FA with "Remember Me" feature enabled still secures your method of authentication.  Some  one has to steal both your  name /password AND  your device in order to compromise your credential ,which is less likely to happen.    When you login with  with "Remember Me" feature enabled , your device becomes your 2FA  method and is fully logged  for auditing.
If you did not enable Remember device feature "Remember me for 30 days"  ,  your login session with  NetID+ is integrated with Rutgers current Single Sign-On (SSO)  authentication solution.  Generally, once logged-in with NetID+, there is 8 hours of active SSO session without the need to re-authenticate again with NetID+.  However, there could be some exceptions based on a web application's session policy and web browser implementations.  Also, if you close your web browser and then open a new web browser, you will be prompted to NetID+ authenticate to establish a new SSO session.

NetID+ Support

In the absence of network or cellular connectivity, the push method will not work, but your device will continue to generate Duo passcode . Alternatively you can also use Hardware Token.
You are strongly encouraged to enroll more than one device such as a smartphone and tablet to avoid difficulties authenticating with your NetID+  if your primary device is not available. If you do not have a secondary device , you will need to contact the Rutgers Help Desk. You will be provided with a temporary Bypass code, you can use this code for a specific period of time based on your need.
You can use NetID+ while traveling abroad.  All available authentication methods should work. When cellular service or internet access is not available, the Mobile push will not be available to your device. In this case, you can still use the Duo Mobile Passcodes  or hard token if you have one. You can also request 10 one-time use passcodes to be sent by text message before you travel.  See instructions  for obtaining passcodes via SMS

You can also  request  Bypass code from Help Desk .  See instruction for obtaining the Bypass code before you travel.

We recommend that you enroll at least two devices so that you have a secondary device to use if the primary one becomes unavailable or lost.   Using the secondary registered device  will  allow  you to access  NetID+  Device Management where you can delete your lost device . If you do not have a secondary device enrolled , you can contact the Rutgers Help Desk  for help. Help Desk can provide you with the following options :
  1. Help Desk can delete your device record.
  2. Help Desk can provide you with a temporary  Bypass code.
Note: Your NetID password will still protect your account.
  • New device, same old number : 

You still have your old device :

  • Login o the NetID Application Management Tool.
  •  Click on Manage NetID+ (Login with your NetID and Password)
  • Click on "Manage My Mobile Devices"
  • Click on  My Setting & Devices" and use  "Send Me A Push"  authentication method with your old device
  • Click on "Device Options"  for your mobile device
  • Click on "Reactivate Duo Mobile" and follow instructions to use with your new device

You do not have access to your old mobile device :

  • Login o the NetID Application Management Tool.
  •  Click on Manage NetID+ (Login with your NetID and Password)
  • Click on "Manage My Mobile Devices"
  • Click on  My Setting & Devices"
  • Choose either "Call Me" or Enter a Passcocde (use SMS)  and complete authentication
  • Click on the "Device Options"  of your mobile device
  • Click on "Reactivate Duo Mobile" and follow instruction to use with your mobile device
  • New Device , New number :

You still have  your old device :

  • Login o the NetID Application Management Tool.
  •  Click on Manage NetID+ (Login with your NetID and Password)
  • Click on "Manage My Mobile Devices"
  • Click on  My Setting & Devices" and use  "Send Me A Push"  authentication method with your old device
  • Click on "Device Options"  for your mobile device
  • Click on "Reactivate Duo Mobile" and follow instructions to use with your new device

You do not have access to your old mobile device and you do not have a secondary registered device :

You will  need to call Rutgers Help Desk to remove the old device from your Duo Security account. Help Desk will  provide you with a ByPass code which you can  use to register your new device.

If you removed the Duo App from your device by a mistake , you can not use the "Send Me a Push" authentication method ,  will need to re install the  Duo mobile app and reactivate your Duo Mobile device . Simple follow :
  1. Login o the NetID Application Management Tool.
  2.  Click on Manage NetID+ (Login with your NetID and Password)
  3. Click on "Manage My Mobile Devices"
  4. Click on  My Setting & Devices"
  5. Choose either "Call Me" or Enter a Passcocde"  and complete authentication
  6. Click on the "Device Options"  of your mobile device
  7. Click on "Reactivate Duo Mobile" and follow instruction to use with your mobile devicereactivatemobile
 
You can contact Help Desk to initiate a request for  a token replacement .    Help Desk will initiate a request on your behalf to the Software Portal Support .    Some one from the Software Portal support will contact you with instructions to request a new token.
  • Lost token.
  • Battery is dead.
  • Token is damaged and you can not read the digits displayed.
  • Button is not working.

Related Articles