Duo Windows (RDP) login

So i have deployed Duo RDP for users workstations. I was under the impression that by default, users would need to re-authenticate every time they login to their workstation. This we deployed Monday and users have only had to re-authenticate on monday and haven’t had to since. I found a setting in Globabl policies to allowe users to remember their device which I just now set for 1 day, but not sure if this is the right spot to make the change. I would like users to have to re-authenticate every time the login to Windows.