Modern Two-Factor Authentication
Duo Security enables your users to secure their logins and transactions using their smartphones. The Duo Mobile smartphone application is free and available on all major smartphone platforms, and lets users easily generate passcodes without the cost and hassle of hardware tokens. iPhone, Android, BlackBerry, and Windows Phone users can use Duo Push which “pushes” login or transaction details to the phone, allowing for immediate, one-tap approval. Watch the Duo Push demo
Older devices like cellphones and landlines are also fully supported. Duo can send passcodes via text message, or place a phone call — users just press a button on their keypad to authenticate.
Duo also sells and supports hardware tokens for users who prefer them. Hardware tokens can be ordered from the Billing section of the administrative interface.
How it Works
First, users type in their usernames and passwords as usual. If primary authentication succeeds, they are offered a choice of authentication method. All methods are explained with help text, and interactive status messages explain the process in real-time: “Calling you…”, “Press any key to authenticate”, etc.
Duo supports diverse user bases by allowing users to authenticate with whatever method is best for them. Some users will prefer the Duo Mobile app while others would rather carry a hardware token. Users can enroll multiple phones, a phone and a hardware token, etc.
Under the hood, primary credentials are checked by your infrastructure (database, LDAP server, etc.) — Duo never sees your users’ passwords. The process looks something like this:
Seamless Integration
Duo integrates seamlessly into your VPN, web application, or Unix server environment. You can be up and running in less than fifteen minutes since there’s no hardware to install and nothing to distribute to users. Deployment is simple since users enroll their own devices from their own computers. Choose your platform to learn more:
VPN · Duo integrates with your VPN to protect remote access.Learn more »
Unix · Protect local and remote logins with our open source Unix integration. Learn more »
Web applications · Use our SDK to add two-factor authentication to your web application. Learn more »
Secure & Reliable
Duo Security takes security, reliability, and privacy very seriously. The service operates completely independently from primary authentication, which mean that Duo never sees users’ passwords or any personally identifying information. Duo is hosted by PCI DSS Level 1- and ISO 27001‑certified, SAS70 Type II‑audited service providers, across multiple geographic regions and independent power grids. More about Security & Reliability
