04-18-2023 03:10 AM
My client has one user who refuses to enable device locking on their personal mobile and therefore Duo won’t install. They’re currently set to bypass until this is resolved. Not an uncommon tale and the friction between a tiny minority and BYOD isn’t something new. You’d think been given the benefit of working from home would buy some good will but clearly not.
We’d still like to use Duo Push instead of bypass. Is there anyway to turn off the mobile security checks for one user? Not ideal in the slightest and I’m making sure my back is covered
04-18-2023 07:08 AM
Hey Rob.
You can try this:
I’ve had to do this for specific users and it works well.
04-18-2023 10:02 AM
Thanks I’ll give that a go.
04-19-2023 03:12 AM
I’m struggling at the first hurdle I can’t see anywhere when I create a policy to disable the mobile security check?
04-19-2023 05:39 AM
Hmm… your screen looks different from mine. What edition of Duo are you on? I’m on Duo Access.
04-19-2023 05:55 AM
Duo MFA… adding more to get to 20 characters.
04-20-2023 06:16 AM
Ah, sorry man. It looks like it’s not a feature in Duo MFA.
Enforce device trust policies based on security health of mobile devices (encryption, tampered, screen lock, biometrics)
is for Duo Access and Duo Beyond.
04-20-2023 08:46 AM
Ohh well. We’ll continue to apply pressure to the one employee to turn screen lock on. Otherwise we’ll be buying them a really crappy mobile just for this
04-20-2023 12:01 PM
Could you use SMS, a hardware token, security key, or yubikey for this user? At the very least I prefer using a bypass code instead of putting a user in bypass.
05-22-2023 05:45 AM
The client applied, err, pressure to the user to enable PIN on their phone.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide