cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1212
Views
0
Helpful
1
Replies

Duo Push - Multiple Logins - Multiple Prompts - Server Identification

Simon_Henson
Level 1
Level 1

When I action a DUO PUSH from a one of many similar VMs (all behind the same firewall) that reside together. How do I know from which server the push originated - I ask because my APP (Android) - often seems to prompt multiple times - and I am concerned that I may be authorising logins to other VMS - i.e. being hacked - is that possible - or is it just the APP - or is there a possible attack vector…

1 Reply 1

Amy2
Level 5
Level 5

Hi @Simon_Henson, welcome to the Duo Community! I’d start with trying to address the issue of receiving multiple Duo Push authentication requests during login first. This a common issue with many potential solutions, depending on which application you are protecting with Duo.
For example, we have the following help articles on this subject:

What application(s) are you currently protecting with Duo today?

When determining whether a Duo Push is fraudulent or not, you want to look at name of the application you are logging into, the timestamp of the authentication attempt, and the location as well. If any of these seem off, you can report the push.

If these VMs appear as separate accounts in your account list in Duo Mobile, you could rename the accounts to help you better identify them. I hope that helps!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links