We have started to see a tag on several successful Duo user authentication events where it says "No secure factors registered". This is in bold, red text. I am not finding any information about this error / warning. Does anyone know what this means and if it is something to be concerned about?
Hi @billcon . That message means that the user who authenticated does not have any of what we consider a "secure factor" enrolled in Duo for authentication, like a WebAuthn security key or platform factor like Touch ID on a Mac, or a phone with Duo Mobile activated to respond to a verified Duo Push request.
It serves as a warning to you that if you were to enable risk-based factor selection in Duo those users who don't have a secure factor might find themselves unable to log in if they get put into a step-up authentication scenario.
Not at this time, no. You can create exports listing the registered secure factors and the users attached to them but not users who don't have a secure factor.
Please contact your Duo account exec or Duo Care customer team to create a feature request for such reporting capability. If you don't have a Duo direct contact you can also reach out to Duo Support to submit the feature request.