Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1339
Views
3
Helpful
3
Replies

Set Authentication Frequency

Go to solution
MrMas
Level 1
Level 1

‎06-11-2021 06:17 PM

Hi there.

I’ve got Duo set up on Linux using with the RADIUS application and working well. However, for some users, I would like to allow them to login in for some period of time after authenticating through Duo without having to authenticate on each login.

Is there a way to set on a per-user or per-group basis how often the users need to authenticate through Duo?

I thought I had previously seen how to configure this but I don’t see it in the admin panel and I don’t see an appropriate option in the authproxy.cof.

It could be that the option isn’t available any longer since my free trial has expired. This isn’t a big deal since I plan to sign up for a paid plan. If a paid plan is required, which levels support it?

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
DuoKristina
Cisco Employee
Cisco Employee

‎06-14-2021 10:35 AM

Remembered Devices is a policy setting available in paid plans that lets a user minimize Duo auth requests by remembering their browser when they log in with an application that shows Duo’s interactive web-based prompt.

However, the Remembered Devices policy isn’t applicable to RADIUS integrations that don’t show the browser prompt. There is no option to configure a trusted or remembered session for these RADIUS integrations.

Duo, not DUO.

View solution in original post

3 Replies 3

Go to solution
DuoKristina
Cisco Employee
Cisco Employee

‎06-14-2021 10:35 AM

Remembered Devices is a policy setting available in paid plans that lets a user minimize Duo auth requests by remembering their browser when they log in with an application that shows Duo’s interactive web-based prompt.

However, the Remembered Devices policy isn’t applicable to RADIUS integrations that don’t show the browser prompt. There is no option to configure a trusted or remembered session for these RADIUS integrations.

Duo, not DUO.

Go to solution
MrMas
Level 1
Level 1

‎06-14-2021 11:45 AM

Thanks for the reply, @DuoKristina. In the web-based app, it sounds like the timeout is at the user discretion, but for our case, we would like to set it based on our policy but not make it configurable by the user. In other words, some users we want to authenticate more often then other users and we don’t want the users to be able to opt out of it. In any case, we’re not currently using a web-based application authentication.

Are there any plans to augment the RADIUS application in the future to support a configurable timeout? Is there a way to request such a feature?

Best,

  • Mason
0 Helpful

Go to solution
DuoKristina
Cisco Employee
Cisco Employee
In response to MrMas

‎06-14-2021 12:12 PM

You can share your feature requests with your Duo Account Executive or Customer Success Manager if applicable, or contact our Support Team.

Duo, not DUO.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents