Policy & Access Control

I am using AWS Managed Microsoft Active Directory for authentication management. I have set up a RADIUS server and linked it with Duo for 2FA.The authentication process requires a username and password, followed by a 2FA prompt from Duo, which then s...

Hello,      We are using Duo for both Remote Access VPN on a Cisco firewall and our Office 365. Recently, password spray attacks against the VPN have been causing some of our users to become locked out of Office 365. We have enabled threat detection ...

Dear Team,We're wonder about the trusted endpoint for checkpoint VPN client. let's say it in a way that we are looking for when remote user is connecting to vpn wanted to check the trust like : Ad joined or Device id or others..  any suggestion would...

Hello, We are updating policies within our org and would like to limit the number of users attempting to verify through duo using passcode (duo or sms) when push is available to them. I have created a new policy removing all authentication methods be...

I have installed duo authentication successfully on Linux VM's. When we ssh to the server, we get a password prompt and a duo push notification on our cell phone. However, when we login to the server from the vCenter console, we get a duo push notifi...

I installed duo security on windows 10 and it works correctly - when the windows lock screen appears i type password and duo pops, all correctly.On the other computer (11 home 10 enterprise) on the 11, nothing happening. I dont see the windows login ...

Having an issue with DUO desktop, think its related to the MacOS beta for Sequoia. Any idea when this will be updated?https://developer.apple.com/documentation/macos-release-notes/macos-15-release-notesApplication FirewallDeprecationsApplication Fire...

When a users password expires and they are prompted at logon to change it they are receiving "The password on this account cannot be changed at this time". This only happens with Duo users, if the user is put into bypass they are allowed to change th...

I just wanted to know if there were other organizations that are facing similar issues with the MFA requirement for CJI assessing devices. https://www.police1.com/cybersecurity/3-ways-to-meet-the-new-cjis-mfa-requirementsWe have a department trying t...

We have many staff members logging in to Duo, and many don’t remember they need to select the “Remember me for 4 hours” button. It would be great if this was on by default.

Is there a way to block countries using the authentication method?  For example I am able to block countries if the device IP shows in a country (that is not US, Canada, or India), but I want to block if the device IP is in say, the US, Canada, or In...