In order to minimize the risks associated with stolen passwords, your account is required to use a second “factor” (typically a phone or token) whenever your password is used. With Single Sign On (SSO), this can be expected to happen approximately once every 6 hours on each computer and browser you use.
There are five common conditions that can make this seem more frequent or otherwise occur at surprising times. Understanding these might help make these prompts more routine.
1) Using multiple computers and phones: Each one maintains a separate SSO session which will have to be started each day
2) Different browsers or incognito windows: Similar to using different computers, different browsers don’t share SSO sessions and will require separate logins.
3) It is fairly unusual, but higher security applications might require an immediate login to ensure that you’re still the one using the computer.
4) The extra, second-factor step is much less automatic than entering your password, particularly if your password is saved in your browsers, Last Pass or another password manager.
5) Applications can have a wide variety of session times. Therefore, you can be prompted for a password and Duo when linking from an application with a session time longer than Login's.
Finally, you might find these login prompts more routine if you use a hardware token that can remove some of the headache of unlocking phones, waiting for network messages, or entering codes. This can be particularly useful if your work involves testing, clearing browser cookies, or using unusual numbers of computers or browser. Please visit the Technology Support Center in the Clough ULC if you think this will help.