Recent Duo and Google Security Setting Changes

— Written By Jeff Ware
en Español

El inglés es el idioma de control de esta página. En la medida en que haya algún conflicto entre la traducción al inglés y la traducción, el inglés prevalece.

Al hacer clic en el enlace de traducción se activa un servicio de traducción gratuito para convertir la página al español. Al igual que con cualquier traducción por Internet, la conversión no es sensible al contexto y puede que no traduzca el texto en su significado original. NC State Extension no garantiza la exactitud del texto traducido. Por favor, tenga en cuenta que algunas aplicaciones y/o servicios pueden no funcionar como se espera cuando se traducen.

English is the controlling language of this page. To the extent there is any conflict between the English text and the translation, English controls.

Clicking on the translation link activates a free translation service to convert the page to Spanish. As with any Internet translation, the conversion is not context-sensitive and may not translate the text to its original meaning. NC State Extension does not guarantee the accuracy of the translated text. Please note that some applications and/or services may not function as expected when translated.

Collapse ▲
Security update graphic

The Office of Information Technology (OIT) has recently changed the settings within Duo Security and Google Two-Step Verification (G2SV) that will allow you to trust your devices for 14 days.

Recently, Google changed its G2SV policy for “Devices you trust,” such as your own computer, from 30 days to indefinitely, while Duo’s “Remember me” policy remained at 30 days. Due to security concerns, OIT has implemented a universal change that supports a shorter duration for “remember me” across both services and a consistent trust policy that will offer end users and the university stronger protection.

Please take a moment to review the following policy updates:

Google 2-Step Verification (G2SV)

  • The default will be that all web browser sessions will be trusted for 14 days. IF you do not log out of your Google service, clear cache or cookies, or change your password, your Google session will remain active for 14 days and you will not have to use a second factor.
    • If you log out, you will be asked the next time to 2FA. Many people do log out of Google every day, therefore they will need to 2FA each time they log back in.
    • The “remember me” checkbox will no longer be available; any login to a Google service will require 2-Step Verification (2FA).
  • Mobile app logins are unaffected unless you are using a mobile web browser to access Gmail or another Google service.


  • The checkbox to “Remember me for 30 days” will change to “Remember me for 14 days.”
  • Web sessions that are older than 14 days will prompt for Duo authentication on next login.


  • Do not “trust” machines that are not in your direct control, such as shared computers or kiosks.
  • Computers should be locked when not in use or left unattended.

If you have any questions about these changes or require assistance, please contact us by calling 919-513-7000 or emailing