Policy & Access Control

Can you remove the "Enter a bypass code" option

Hello, We are updating policies within our org and would like to limit the number of users attempting to verify through duo using passcode (duo or sms) when push is available to them. I have created a new policy removing all authentication methods be...

Disable duo for console login

I have installed duo authentication successfully on Linux VM's. When we ssh to the server, we get a password prompt and a duo push notification on our cell phone. However, when we login to the server from the vCenter console, we get a duo push notifi...

Resolved! Disable adding new platform authenticators, but keep existing

Hi,We are looking to disable adding new platform authenticators (Windows Hello, TouchID, etc.), but keep the current platform authenticators that our customers currently have associated with their Duo account. I found the article - https://duo.com/do...

Problem with windows 11 login

I installed duo security on windows 10 and it works correctly - when the windows lock screen appears i type password and duo pops, all correctly.On the other computer (11 home 10 enterprise) on the 11, nothing happening. I dont see the windows login ...

DUO + Apple MacOS Sequoia - Firewall is not enabled but it is

Having an issue with DUO desktop, think its related to the MacOS beta for Sequoia. Any idea when this will be updated?https://developer.apple.com/documentation/macos-release-notes/macos-15-release-notesApplication FirewallDeprecationsApplication Fire...

Resolved! Operating System policy - Android 15

In my Global Policy, I have an Operating system setting:Allow Android devices:Encourage users to update if less than the latest.Encourage to update: after 30 days.Block versions: if less than the latest.Block: after 60 days.The problem I'm having is ...

The password on this account cannot be changed at this time

When a users password expires and they are prompted at logon to change it they are receiving "The password on this account cannot be changed at this time". This only happens with Duo users, if the user is put into bypass they are allowed to change th...

CJI new MFA compliancy

I just wanted to know if there were other organizations that are facing similar issues with the MFA requirement for CJI assessing devices. https://www.police1.com/cybersecurity/3-ways-to-meet-the-new-cjis-mfa-requirementsWe have a department trying t...

Remember me - Checkbox Ticked by Default?

We have many staff members logging in to Duo, and many don’t remember they need to select the “Remember me for 4 hours” button. It would be great if this was on by default.

Authentication Method (Block countries)

Is there a way to block countries using the authentication method? For example I am able to block countries if the device IP shows in a country (that is not US, Canada, or India), but I want to block if the device IP is in say, the US, Canada, or In...

Resolved! Protecting RDP - Hardware Token without Automatic Phone Call

I'm protecting RDP in my office and some users are using hardware tokens, the rest use Duo Mobile. For the users with tokens, I'm trying to set them up to use phone call authentication in the event they leave their token at home. I have everything ...

Resolved! DUO Custom Policy Question

I am trying to create a policy so when admin accounts login to a windows computer, since they have elevated privileges, MFA is required, but when all other users login, it's not required. We already have them required to login over VPN. When I create...

Risk Based Profile - Details

Hi, I was wondering if someone can explain the Risk based profile acceptance (allowed) and timeframe; I'll explain, in doing Immpossible travel testing the first time I dit it was testing from a VPN through Norway after just logging in from Canada....

MFA twice to MFA once per laptop location

Morning All:I am deploying laptops with MFA to log into the laptop as a security protection. I want to remove the current need to MFA into the Remote Server. Primarily this causes frustration on the part of the end user. I am unable to locate a se...

trusted endpoint using guid

Hi All, Needs to configure trusted endpoint on windows/mac os user machine using guid. Can anyone know how to do it or share any relevant document

Policy & Access Control

Forum Posts

Can you remove the "Enter a bypass code" option

Disable duo for console login

Resolved! Disable adding new platform authenticators, but keep existing

Problem with windows 11 login

DUO + Apple MacOS Sequoia - Firewall is not enabled but it is

Resolved! Operating System policy - Android 15

The password on this account cannot be changed at this time

CJI new MFA compliancy

Remember me - Checkbox Ticked by Default?

Authentication Method (Block countries)

Resolved! Protecting RDP - Hardware Token without Automatic Phone Call

Resolved! DUO Custom Policy Question

Risk Based Profile - Details

MFA twice to MFA once per laptop location

trusted endpoint using guid

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Disable duo for console login

Risk Based Profile - Details

Local admin account with duo

Trust Assessment Factors

Report source IP from Kemp Loadbalancer

Disable adding new platform authenticators, but keep existing

Operating System policy - Android 15

Protecting RDP - Hardware Token without Automatic Phone Call

DUO Custom Policy Question

Remembered Devices Policy> Add Trusted Networks