Your  Account:

Introducing Duo TOTP

We are implementing changes due to the recent phishing attacks that have targeted our university. Unfortunately, some individuals have fallen victim to these attacks by either mistakenly approving unauthorized Multi-Factor Authentication (MFA) push notifications or disclosing their Duo passcodes to the attackers.

DO NOT share your CSUSM password, Duo Passcode, or Duo Authentication numbers with anyone. If someone asks you for any of these via email or text message consider them suspicious and do not respond; first reach out to This goes for any any suspicious activity, please report and get a second opinion.


We will be making a change to our current Duo Passcode option. We will be transitioning from the current Hash-based One Time Password (HOTP) method to Time-based One Time Password (TOTP) method. In simpler terms, this will make the passcode more secure by expiring/generating every 30 seconds to prevent attackers from harvesting and re-using passcodes at a later time. The only requirement for this configuration to work is you must be on Duo Mobile app version 4.49 or later

duo totp