Welcome to the Duo Community, and thanks for sharing your question here! As you can imagine, this is a question that comes up occasionally from other customers as well, so you’re not alone here. I’m sure other admins would have good advice and pointers for you, and for now, I can share my perspective on this.
No, Duo does not support email as an authentication method, and here’s why: Email is not a secure OTP delivery since it is not tied to specific device and has weak security controls protecting that OTP access. It also does not offer reliable delivery for OTP. You can read more about this in the help article on whether Duo uses email as an authentication method.
You can accomplish this in other ways though. Please note that Duo recommends against both having a shared set of credentials for multiple users or having a single authentication device assigned to multiple users, as each of these can weaken your security posture.
Do your rotating personnel share credentials, or do they each have their own login name and password?
- In cases of shared credentials, you can add multiple devices to a single Duo user (see our help article for one-to-many object ratios in Duo for details on the limits there), so everyone in your rotating personnel could authenticate using their own phone or security token.
- In cases where everyone has their own unique credentials, but you’d like them to use the same authentication device, you can add the same device to multiple users. Take a look at this help article for more info on that.