
Simple Way to Bypass Duo with RDP

BMGraham
Level 1

I have Duo Security set up with Windows Remote Desktop so that when I RDP to my Windows 10 machine, I get a Duo Security alert that is needed to log in.

However, I have discovered that if I cancel the Duo popup on my Windows PC, at the bottom left corner of the Windows login screen, there are two rectangular boxes for my userid. If I click on the second one, it wants me to authenticate via Duo Security, but if I click on the first one, I can simply bypass Duo Security and log in without Duo requiring me to authenticate via MFA!

I can’t believe it would be so easy to work around Duo Security. Is there a way I can stop that first login option from appearing so that Duo can’t be bypassed?

4 Replies

BMGraham
Level 1

I am thinking this may be related to the issue mentioned here

Duo Authentication for Windows Logon and RDP: FAQ | Duo Security?

PatrickKnight
Level 1

@BMG4ME That is a possibility if you are using Microsoft LiveId/Account. Additionally there are a number of other scenarios we have documented here: https://help.duo.com/s/article/4341?language=en_US

I think I may have found another one which I really would rather discuss privately.

If that’s the case I would suggest engaging our Security Response guidance found here: Security Response | Duo Security.

Thanks!
