Where do I need to use two-step verification?

Harvard uses DUO Security to provide two-step verification on HarvardKey. Not all University applications require the use of two-step verification.

For ease of use, you have the ability to check the "Remember me for 30 days" option on trusted devices, which allows you to verify only once a month (for each browser). VPN connection will require the use of a two-step verification code each time you login.

Here is a list of commonly used applications and whether or not they require the use of two-step verification on HarvardKey.

Application Log In With Password Two-step required?
Computer Login various HarvardKey Password NO
Email: Google
(@college, @g)
**Two-step verification is encouraged, and available through Google and Duo
xyz @college ...
xyz @ g ...
HarvardKey Password NO
Email: Office 365 (Outlook)
HarvardKey Login Name HarvardKey Password NO
Web Applications*
HarvardKey protected web pages
HarvardKey Login Name HarvardKey Password YES
Peoplesoft HarvardKey Login Name HarvardKey Password YES
my.harvard HarvardKey Login Name HarvardKey Password YES
Canvas (via web browser) HarvardKey Login Name HarvardKey Password YES
Canvas app (mobile) HarvardKey Login Name HarvardKey Password NO
HOLLIS+ HarvardKey Login Name HarvardKey Password YES
Harvard Phone self-service HarvardKey Login Name HarvardKey Password NO
Network File Share HarvardKey Login Name HarvardKey Password NO
Protected OpenScholar sites and site administration
HarvardKey Login Name HarvardKey Password YES
SharePoint/OneDrive HarvardKey Login Name HarvardKey Password NO
EMS Room Book HarvardKey Login Name HarvardKey Password YES
VPN HarvardKey Login Name or
HarvardKeyLoginName#tunnelname
HarvardKey Password YES
Secure Wireless HUID HarvardKey Password NO
Papercut NetID HarvardKey Password NO
Email: Unix NetID HarvardKey Password NO

*Web applications are anywhere where the HarvardKey gate login screen is displayed.