- How Does NetID+ Work?
- Enrollment Instructions
- Login by device type
- Login to UAConnect (Outlook Web Application or OWA)
- Enabling Global NetID+
- Bypass Codes
- Additional Account Management Information
- Video Tutorials
- UA VPN Use with NetID+
- Publications and Handouts
- International Travel Information
- Support or Assistance
- Something you know (e.g., bank account username and password), and
- Something you have (e.g., cell phone receiving text messages with additional code verifying your account).
How Does NetID+ Work?
After you sign up for NetID+, you will complete the first authentication step by entering your UA NetID and password on the UA WebAuth page, as you normally do. You can complete the second step in a variety of ways, depending on your preferences and the methods available to you. These methods include:
- responding to an alert on your smartphone or tablet
- verifying through phone calls
- entering one-time use passcodes received through text messages
- generating one-time use passcodes via the Duo Mobile app
- using a Yubikey hardware token to generate passcodes
- entering a bypass code, which can be generated after enrollment
Available to UA faculty, staff, and students. NOTE: NetID+ is required in order to access campus Virtual Private Networks (VPN), UAccess Employee Direct Deposit Screen, and the Outlook Web App (OWA) services.
- Enroll for use with a Smartphone
- Enroll for use with a Cell phone w/Text Messaging
- Enroll for use with a Voice Call (Cell or Landline)
- Enroll for use with a Tablet/iPad
- Enroll for use with a Hardware Token
- Login Using a Smartphone or Tablet
- Login Using Cell Phone Text Messaging
- Login Using a Voice Call (Cell or Landline)
- Login Using a YubiKey
After you have signed up for NetID+, it is recommended that you enable the 'Global NetID+' setting. The global feature will enforce two-factor authentication for all sites utilizing UA WebAuth authentication services for login, such as CatMail, D2L, and UAccess. In addition, two-factor authentication can help protect your UA account, even if your UA NetID password is compromised. NOTE: If you have not enabled Global NetID+, your security is greatly diminished.
You can configure phones that can be used as Lifeline devices when your regular devices are unavailable. A Lifeline phone usually belongs to somebody you trust and with whom you can easily communicate.
For example, if you lose your phone and need to use NetID+, you can log in to the NetID+ management site using just your NetID and password. After you log in, you will see an option to 'Use a Lifeline'. When you choose the lifeline you would like to use (you may have more than one configured) , a verification code will be sent by text message or a phone call to that phone. The owner of that phone can communicate the code to you, and you can enter the code into this application to produce a list of ten bypass codes. Those bypass codes will allow you to complete NetID+. After completing NetID+ login, you can go to the Manage your Account page to manage your NetID+ devices. You can remove your lost phone and configure a new device for future logins. You can also print out more bypass codes.
Bypass codes are generated from the NetID+ self-service site and are intended to be used as a 'rescue' mechanism, when you do not have access to any of your registered devices. Bypass codes may be printed out and carried with you (e.g., in your wallet or purse) or stored in a secure location. Bypass codes are generated in batches of 10 and can be used in any order (unlike SMS passcodes, which must be used sequentially). Each bypass code is good for a single use and generating a new list of bypass codes will invalidate the previous list. Bypass codes are distinct and separate from SMS passcodes – generating a new batch of SMS passcodes will not affect your current list of bypass codes (and vice-versa).
- Reactivating a Smartphone for use with NetID+
- Deleting a Device from NetID+
- Adding a Device for use with NetID+
Video tutorials have been created for using NetID+, such as enrolling and logging in to NetID+, generating and using Lifelines, enabling Global NetID+, and other features. Click here to access the videos.
NetID+ Use with the UA's VPN Client
Establishing a VPN connection with NetID+ is very similar to the normal sign-on process. When you start your VPN client, you will be prompted for your NetID username and password as before, but there will be an additional field titled NETID+ Method.
To access VPN with NetID+, you can do one of the following:
- Enter a numeric passcode that was generated on your device or on the NetID+ Manage Your Account page, or
- Type push, phone, sms, or passcode in the NetID+ Method field:
- UA Launches NetID+ to Provide Stronger Protection for Campus Data -- Lo Que Pasa 3/26/14
- Two-Factor Authentication and NetID+ - Secure Cat Courier June 2014 -
- Don't Get Hooked by Phishing Attacks -- Lo Que Pasa 10/17/14
- NetID+ Just Got Better -- SecureCat Courier January 2015
- VPN Access Requires NetID+ Beginning April 30 -- Lo Que Pasa 3/11/15
- UA Retirees and NetID+: What You Need to Know
- Login Handouts (3 to a page-pdf documents) -- these handouts are designed to be copied two-sided, and provide simple instructions for logging into WebAuth and OWA using NetID+, as well as connecting to the VPN using NetID. Click on any of the images below to download the appropriate instruction sheet.
We recommend that international travelers use NetID+ to generate a list of NetID+ Bypass Codes* and register at least one NetID+ Lifeline before traveling. NetID Bypass Codes are generated in batches of 10 via the NetID+ website; each code is good for one login, and you can generate more at any time.
*Your last bypass code should be used to generate a new batch of bypass codes, if you do not have access to any other enrolled device.
Note: If you travel internationally and use SMS text message passcodes as your primary NetID+ authentication mechanism, the text messages you receive may incur substantial roaming charges. If you have a Google Voice account tied to an external Gmail account (i.e., @gmail.com, not @email.arizona.edu), you can set that up with NetID+ as an SMS-capable phone and configure it to deliver incoming SMS messages to your Gmail mailbox.
If you expect to travel internationally and cannot set up Duo Mobile as your NetID+ authentication method, then bypass codes, a Yubikey hardware token, or the aforementioned Google Voice approach are your best alternatives.
- For support or assistance with NetID+, contact the 24/7 IT Support Center at (520) 626-8324, complete a UAssist request form.
- NetID+ Enrollment
- Tutorial Videos