Solved: Mac OS lock screen doesn’t prompt for Duo MFA

jloesch · ‎09-21-2022

When the user account is logged out it works fine.

Is there a way to set up it so it enforces 2FA authentication after the machine goes to sleep or locked?

DuoPablo · ‎09-22-2022

Currently, we do not support users being prompted for MFA on macOS after screen saver unlock (as opposed to startup or after fully logging out of a user session).

Please feel free to submit this as a feature request with your Duo Account Executive, Customer Success Manager (if applicable), or our Support Team.

Hope this helps!

View solution in original post

DuoPablo · ‎09-22-2022

Hi @jloesch ,

Currently, we do not support users being prompted for MFA on macOS after screen saver unlock (as opposed to startup or after fully logging out of a user session).

Please feel free to submit this as a feature request with your Duo Account Executive, Customer Success Manager (if applicable), or our Support Team.

Hope this helps!

jloesch · ‎09-22-2022

Thank you for the confirmation

LGD · ‎09-22-2022

Hi,
If you have plans to use Security keys like Yubikey for MacOS login, check out Yubikey’s implementation for MacOS login. Security key is required for the FDE login, user login and login from screen lock/screensaver. IMO Duo’s implementation is still immature.