Re: Seeing this in user logs - No secure factors registered

billcon · ‎09-01-2023

Hello -

We have started to see a tag on several successful Duo user authentication events where it says "No secure factors registered". This is in bold, red text. I am not finding any information about this error / warning. Does anyone know what this means and if it is something to be concerned about?

DuoKristina · ‎09-11-2023

Hi @billcon . That message means that the user who authenticated does not have any of what we consider a "secure factor" enrolled in Duo for authentication, like a WebAuthn security key or platform factor like Touch ID on a Mac, or a phone with Duo Mobile activated to respond to a verified Duo Push request.

It serves as a warning to you that if you were to enable risk-based factor selection in Duo those users who don't have a secure factor might find themselves unable to log in if they get put into a step-up authentication scenario.

Duo, not DUO.

ejz218 · ‎11-14-2023

Can we get a report with all users with no secure factors registered? That would allow us to address the situation.

DuoKristina · ‎11-14-2023

Not at this time, no. You can create exports listing the registered secure factors and the users attached to them but not users who don't have a secure factor.

Please contact your Duo account exec or Duo Care customer team to create a feature request for such reporting capability. If you don't have a Duo direct contact you can also reach out to Duo Support to submit the feature request.

Duo, not DUO.