Setting hardware tokens as primary authentication method


I’m trying to find out if there is a way to configure a hardware token as the primary authentication method for someone’s account (if you have other things set up like a phone on that account). In the duo self service portal, it does not show the hardware token as an option in the default device drop-down, and I don’t see any settings in the admin panel to make it so. If anybody knows if / how this can be done that would be awesome.

As a side note, this would primarily be while using Duo with office 365 (through conditional access), though it doesn’t seem to work other places we have it implemented either.


Actually, never mind – I didn’t realize you could just select enter passcode and have that work with the hardware token instead / as well as the phone’s soft token.