07-05-2022 07:51 PM
In order to fight against 2FA bombing possibilities, I’d like to see Duo not only show the notification that a 2FA approval is needed, but it also show a two or three letter/number code on the screen of both the computer and smartphone to confirm that it was the specific login attempt I just did. I know it would be rare to be logging in at the exact same time as a hacker who happens to have stolen your master password, but I am sure it will happen someday when someone has hijacked my machine and is watching me type with a keylogger.
Dan
07-06-2022 06:44 AM
Welcome to the community BTW. I’m not sure if this will help but there was a recent post similar to this.
07-06-2022 07:16 AM
Hi @Dan_Shenk-Evans, thank you for posting!
Short answer: Yes. You have the winning idea.
Duo has been developing a short alphanumeric code that lets the end-user verify their own two-factor push notification. We plan to release this with general availability in Fall '22.
Tim
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide