I have several devices that two people need access to. I configure the device for both users and when either authenticate the other is notified. Is this by default or am I missing something. It’s very misleading when two people are accessing the same device and they get a notification when the other is logging on.
Check that each person has their own login and is associated with their own phone. If you are sharing login accounts, that would be why. I’m not saying you’re sharing accounts but, if properly licensed, it is perfectly allowed but it does cause issues with any MFA, not just Duo. How is it supposed to know a shared account/phone number is for User B if it’s always logging in as User A? Or, if you indeed have multiple users defined in Duo but are adding everyone’s phone to each user, that wouldn’t work right, either. One phone (unless that person has multiple phones) per person should solve your issue.
Just FYI, it’s not common that we share accounts, at least not for Windows, because each person has to be licensed. Microsoft licenses by per user, not per account. I have 1 Microsoft license for myself yet I have multiple Windows accounts, just because I manage multiple domains and servers. Sure, we could share 1 license, 1 account and pretend we’re all the same user but that would be a violation of the Microsoft licensing terms. The license is by honor but, if you’re caught, could spell trouble for your firm. My firm was audited 3 times by Microsoft but, fortunately, each time they found us all properly licensed.