To help better secure UAB accounts, UAB IT is reducing the amount of time an SMS message sent by Duo two-factor authentication will last after it is sent to a user for authentication. Over the next several weeks, the expiration time will gradually be reduced. “This change will help better secure our users,” said Rob Ferrill, chief information security officer for UAB. “That said, the best and most effective method for using Duo is the mobile app.”
The Duo mobile app uses push notifications for two-factor authentication; you can even use a one-time code if WiFi isn’t available.
Reducing the expiration time for SMS users will bring UAB in line with other research universities that use SMS as a second authentication factor.