Policy & Access Control

Just received the email about the duo admin console not supporting browsers using cipher versions older than TLS 1.2. I appreciate the notice and transparency, but I gotta say I’m disappointed, Duo. The PCI SSC announced this requirement over a year ...

I must just be missing this…I’ve scrolled through here and don’t see it so let me ask: We have DUO working as advertised on all of our desktops. So far, so good. My question is this - if you don’t install the DUO software on an endpoint then you don...

Hi. We’re on a Free-Account using Duo to protect an MS RDP Server. This works fine in general. The only Option I’m missing now is the “authorized networks”. In another account we have this, but in the actual one I can’t see it in the settings. Is thi...

Is there a way to restrict certain Duo users to specific ip address ranges? If the IP address for the browser doesn’t match, then deny the login. (Not bypass Duo auth if the IP address range matches…which is a current feature).

Hi there Just wondering, how does Duo protect against SIM Swap attacks. EG A hacker does a SIM Swap on a users Cell Phone.They find a users password by an email Phishing attack,The user can then authenticate via Duo. Is there a way to disable text me...

Hey all. I have been using this nice tool for my win server 2012. I had a policy that said that my network 192.168.1.1/24 was allowed to access the server without 2 step authentication. I can read here Duo Security Using ...

Is it possible to disallow Phone Call for authentication while still allowing phone call for validation when using self-registration?

Is there any way to enforce DUO for Exchange admins using ECP but not enforce them for OWA use? or how to only DUO auth the admins AD group when they try to login?