Pulse Secure “Secondary Password” with 2 Factor Authentication

By Ross Madden
Published on April 9, 2018 9:43 am MT
Updated on April 9, 2018 9:58 am MT
Posted in Apple, General CNSIT, Knowledge Base, Security News, Tips and Tricks, Windows

Beginning April 25th, 2018 the Pulse Secure VPN client we know and love will start utilizing DUO two factor authentication.  This applies you to if you use the Pulse Secure desktop or mobile app to access on campus resources while you are at home or traveling (in short, if you are off campus).  While this should not come as a surprise to anyone (ACNS has been fairly liberal in their communication about this change) – please visit and sign up for this new service as soon as possible by visiting the following URL: https://www.authenticate.colostate.edu

One of the initial caveats of the current version of Pulse Secure is the moderately cryptic “Secondary Password” window you will receive.  Basically, this is asking you how you wish to provide the second factor authentication.  There are a few different options available based on the devices you have registered to handle your second factor as described at the following URL: https://secure.colostate.edu/2fa

DUO App on your Smart Phone?

If you are using the DUO app on a smart phone, you will type “push” into that Secondary Password field.  This will trigger the app on your smart phone to prompt for verification.

Office/Land line Phone?

If you are using your office phone or some other lab line as your device, you will type “phone” into that Secondary Password field.  This will trigger the automated phone call that asks for verification.

One Time Code from a hardware token or the DUO app?

If you are relying on the one time code generated by the hardware token (purchased from RAMtech on campus) or by using the DUO app to generate a code, you can simply enter that into the Secondary Password field.

Back to top of page