Reducing user friction

Is there a way to reduce the number of times a Windows 10 user has to login for the various applications we have linked to Duo? Can it be more like the experience we have with Azure AD-based SSO?

Background: We are testing Duo against Azure AD integration as our SSO platform. The goal is to reduce the user friction by providing a seamless login experience on as many platforms as possible.

Our tests with Azure AD Hybrid mode have allowed the users to be automatically logged in based on their AD domain credentials, or by the fact the browser has already logged in to Office 365.

We are not having the same success on Duo. The employee is required to log in to Duo every time they open an application registered with the platform. The only way around that is using Duo Central, but that also requires the employee to log in every time they close the tab.

Hi @calspfin09278, thanks for sharing your question here in the Duo Community! I think your best bet for reducing the number of times authentication is requested would be to employ a Remembered Devices policy. You can read more about how Remembered Devices work in this help article.

This feature is similar to the “remember me” checkbox most users are familiar with when logging in to many websites. When the remembered devices feature is enabled, users are offered a “Don’t prompt me again on this device” checkbox during login. When users check this box, they will not be challenged for secondary authentication when they log in again from that device for a set period of time.

You, as the admin, can control the amount of time before authentication is required again, and also have the option to enable remembered devices Per each application or For all protected web applications.

I will give this a try. Thank you for your insight.

1 Like