Some online security procedures require only a simple username and password to gain access. Such 'single-factor' authentication systems have become increasingly easy for hackers with malicious intent to gain access to a user’s private data or damage enterprise IT systems. SLAC therefore now uses a two-factor (or 'two-step') authentication process, called DUO.
You can get DUO through Cisco's own DUO web site, or through Stanford's web site, https://uit.stanford.edu/service/authentication/twostep. See for instance, How to Set Up a Smartphone for Two-Step Authentication. While on the Stanford web site for DUO, it's a good idea to register your DUO for Stanford using the "My Settings & Devices" link from the Two step authentication page.
Once you have DUO, enroll it also in SLAC's Two-Step Authentication, at Two-Step Authentication (windows login required).
When you have DUO enrolled for both Stanford and SLAC, you'll be able to access both restricted Stanford web sites, such as the Stanford employee site AXESS, and also SLAC restricted web sites.