Multi-Factor Authentication (MFA)

Duo’s MFA solution is user-friendly, highly secure, and adaptable to a variety of environments. Duo requires only a smartphone for authentication, using the Duo Mobile app (available on iOS and Android) to send push notifications for fast, easy authentication. Duo’s flexible authentication options, including Duo Push and WebAuthn, allow each client to select the ideal method to suit their security needs, offering powerful protection against threats like man-in-the-middle (MITM) attacks.

Duo offers a scalable security platform that fits organisations of all sizes and security needs. With three distinct editions, each business can find the MFA solution that best suits their requirements.

Provide your clients with a security solution that’s both easy to implement and highly effective, helping protect them against modern cybersecurity threats.

Duo integrates seamlessly across on-premises, web-based, and cloud-based applications, securing every access point from a single, user-friendly platform. Deployment is straightforward, and Duo’s intuitive management dashboard makes it easy for your clients to monitor and control access.

Duo enables organisations to adopt a zero-trust security model with ease, securing the modern workforce through a comprehensive all-in-one platform. Duo’s solution verifies user identities, assesses device health, enforces adaptive access policies, and protects productivity with secure remote access and single sign-on (SSO) capabilities.

Push-based MFA enhances security by using multiple factors to verify identity with a simple, user-friendly experience. Instead of entering a code, the user receives a push notification on their mobile device to approve the login attempt.

This approach, championed by providers like Duo Security, offers higher security and convenience compared to SMS or TOTP.

Time-Based One-Time Password (TOTP) MFA generates a unique code directly on the user’s device, typically through a QR code scanned by a mobile authenticator app. This produces a temporary passcode that the user enters to access an account. TOTP codes expire after a set period and generate a new code with each login attempt, offering a secure and time-sensitive approach. TOTP operates within the Open Authentication (OAuth) framework.

With SMS two-factor authentication, a security code is sent via text message to the user’s mobile device.

The user enters this code on the website or application they’re logging into, confirming their identity.

Developed by the FIDO (Fast IDentity Online) Alliance and the W3C, WebAuthn (Web Authentication API) enables strong, public-key-based authentication. This technology allows services like Duo to use built-in security capabilities on devices such as laptops and smartphones, enabling seamless authentication using the hardware and software users already have.