10-04-2016 06:28 AM
Is it possible to configure user authentication via telephone call to use 6 digit number instead of just single number?
Duo admins are authenticated via telephone call with 6 digit number. I guess different voice authentication service used for admins.
10-04-2016 07:02 AM
Hey avs, right now you cannot require that users enter a six-digit code to auth via phone call. I’d recommend you file that as a feature request with your CSM.
However, in Settings in the Duo Admin Panel you can input which keys you’d like to use for authenticate and fraud (for example, you can make it so that “1” is authenticate and “9” reports fraud). Reference: https://duo.com/docs/administration-settings#phone-call-settings
10-04-2016 03:07 PM
So for text messaging authentication the code generated is 6-digit, but not for a phone call authentication.
Essentially phone call authentication is weaker then text message authentication, as phone call only requires single digit to login and it is always “5” required… no variation at all.
10-14-2016 03:13 PM
You can always disable authentication methods that aren’t to your liking. With Platform you can do this at the group or application level. Many security focused orgs disallow telephony altogether, at least for their most sensitive applications.
Cheers
10-21-2016 12:58 PM
I’m aware of this. Just wanted to see if Duo could step up 2nd factor authentication for phone calls.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide