Mac OS X lock screen doesn't prompt for 2FA - Page 2

mohsm · ‎08-30-2018

I have Duo Security set up on a MAC. For some reason there is no 2FA prompt when the machine is locked.

When the account is logged out it works fine.

Is there a way to set up it so it enforces 2FA authentication after the machine is logged out or locked out?

Amy2 · ‎07-01-2020

Hey everyone, we don’t have much info we can share with the public at this time. The request is under consideration for the future, and we will be working on it soon. Please be sure to contact your Customer Success Manager or Account Executive if you have one to add your support to the official feature request, or to ask for more detailed updates. You can also do this via Duo Support if you don’t have a CSM or AE assigned to you!

06lewisjones · ‎09-19-2020

Any update on when this feature might come to surface?

Amy2 · ‎09-21-2020

Hi @06lewisjones, we are expanding our macOS capabilities and do plan to tackle this in the future, though we don’t have a timeline on when yet. Also, as a reminder for anyone reading, we cannot share timelines in the public community due to shifting priorities. You can always check with your Account Executive, Customer Success Manager, or a member of the Duo Support team for a more detailed status update. Learn more about how to submit a feature request here.

ITEM93 · ‎07-07-2021

I fully agree with all the comments on this thread.
Prompting for MFA on a locked session should be on by default and turning it off should be a option, however it should also be a conscious decision by the admin to disable it and lower the security of the device.
I’ll definitely be reaching out to our Partner Manager on this topic.