Mobile device email Sync + O365 + DUO

We are about to engage DUO for 2FA and a question came to mind.

Like any org we will assign DUO to protect out O365 environment. We have desktops as well as mobile devices that sync email from Exchange online in O365. I understand that when an employee logs into O365 DUO will challenge them for acknowledgement and allow access.

How does this impact say a mobile phone where it is constatntly polling the Exchange online server for email updates?

  1. Will DUO only ask the user to “authenticate themsleves” the once say when the account is added to the device and no longer request the user to authenticate?
  2. Will DUO ask the user to “authenticate themsleves” each time the mobile device exchanges email (sent or recveived)?
  3. Will DUO treat the mobile device differently and ask the users to “authenticate themsleves” at certain times/events?
    4 or just how will DUO handle these devices?

Why the question. If DUO will challenge the user to “authenticate themsleves” every time a mobile device interacts (either recieves an incomming email or sends one) with a mobile device it would be impractical

Hi @mbkitmgr! Thanks for trying Duo.

In addition to this community, we have many other self-service resources, like our Knowledge Base. Try searching when you have a question that isn’t already answered in our documentation!

This Knowledge Base guide about Office 365 mail client experiences may prove useful to you:

Guide to mail client behavior when using Basic and Modern Authentication with Duo

IF you use modern authentication the behaviour for moibile application (ie IOS Mail APP , Outlook for IOs,etc) is the same as the web authentication. The firts time or when user change password they need to to do the new authentication. After that is controled by office 365 Token experiration rules. You can change it in office if you like