User authentication methods let your users verify their identity and access applications securely, no matter the circumstance. An employee left their phone at home? Need to authenticate without an internet connection? Want a passcode-free login experience? Duo’s got you covered. With so many ways to do it, we'll help you find the best authentication method for your business.
Passwords are the most common authentication type—yet compromised credentials are the cause of nearly 50% of breaches. To reduce risk of data theft, phishing, and malware, single-sign on (SSO), passwordless, and multi-factor authentication (MFA) methods offer a number of authentication types to secure users' access to applications and resources.
An authenticator app can be downloaded directly to your mobile phone. These apps allow users to prove their identity with a passcode or single tap. If an unauthorized user attempts to log in using their credentials, an authenticator app notifies the user and allows them to deny access, stopping the attacker in their tracks.
Passcodes and tokens use a secret combination of numbers to prove your identity when trying to access an account or system. After entering your login information, a physical or digital token device generates a one-time passcode (OTP). The code is received via email, text, or a mobile authentication app and needs to be submitted to verify the user’s identity and grant access.
Biometric authentication relies on biometric data such as fingerprints, facial recognition, or retina scans to verify a user’s identity. This reduces the risk of password-related security issues and delivers a streamlined authentication experience.
Duo Push is our most commonly used two-factor (2FA) authentication method, thanks to its simplicity and reliability. Users just download the Duo Mobile app and are automatically prompted to confirm each login attempt—all it takes is a single tap. For added security, users can complete Verified Duo Push by entering a unique code from the login device on the Duo Mobile app.
The New York Times Wirecutter named Duo the best two-factor authentication app. See how Duo can protect your accounts in the links below.
Duo authentication methods allow users to physically authenticate using a built-in biometric authenticator, such as TouchID, via WebAuthn. For devices without a built-in biometric sensor, USB-based Fast Identity Online (FIDO) security keys can bridge the gap.
Duo also accommodates more traditional two-factor authentication (2FA) controls. Users can confirm their identity using a secure passcode generated by a physical token, a mobile device, or a network administrator.
Combinations of these authentication techniques are often used for MFA and 2FA authentications.
Authentication is a multi-layered security tool. Following the Authentication, Authorization, and Accounting (AAA) framework can help manage user access, enforce access policies, and improve the system.
See Duo's MFA methods in action with a free trial.