Our Product

Our Product

Simple Tools for Complex Security Needs

Connect and protect your employees, business partners and customers with identity-powered security.

Explore All Products

How Does Duo Work for You?

Get the security features your business needs with a variety of plans at several price points.

Duo for Small to Medium Businesses

Desktop and mobile access protection with basic reporting and secure single sign-on.

Duo for Enterprise

All Duo Small/Medium Business features, plus adaptive access policies, greater device visibility, plus advanced device insights and remote access solutions.

Duo for Federal Government

FedRamp authorized, end-to-end FIPS compliant, streamlined solutions.

Duo for State and Local Government

Meet compliance objectives with our friction-free MFA.

Compare Editions

Key Capabilities

Duo provides secure access to any application with a broad range of capabilities.

Multi-Factor Authentication (MFA)

Verify the identities of all users with MFA.

Remote Access

Provide secure access to on-premise applications.

Device Trust

Ensure all devices meet security standards.

Single Sign-On (SSO)

Provide secure access to any app from a single dashboard.

Adaptive Access Policies

Block or grant access based on users' role, location, and more.

Explore Demos Contact a Duo Rep
Solutions

Solutions

Secure Access for a Variety of Industries & Use Cases

Duo’s security is customizable, easy to set up and simple to use, making it the perfect solution for a wide range of industries.

Explore Our Solutions

By Industry

Duo provides secure access for a variety of industries, projects, and companies.

K-12 Education

Higher Education

Finance

Healthcare

Legal

Retail

Technology

Federal Government

State & Local Government

Meeting Your Goals

Whether you're considering a big-picture security strategy like zero trust, or you want to address a specific threat like phishing attacks, Duo has you covered.

Access Management

This set of tools and policy controls ensures only the right users have access to applications and resources and under the right conditions.

Zero Trust Security

A zero trust model establishes trust in users and devices through authentication and continuous monitoring.

Passwordless

Duo's comprehensive access security sets the stage for user-friendly, password-free multi-factor authentication.

Phishing Prevention

Secure your workforce against phishing attacks with strong multi-factor authentication, device trust and more.

Risk-Based Authentication

Duo’s dynamic solution detects and responds to potential threat signals to secure trusted users and frustrate attackers.

Explore Demos Contact a Duo Rep
Why Duo?

Why Duo?

Strong MFA Security that Doesn't Sacrifice Productivity

With Duo, you can have both, in a platform that integrates across your entire ecosystem. Every user, every device, no exceptions.

Why You Should Choose Duo

Have It All

Duo delivers peace of mind with strong security and increased productivity at an unmatched value.

Speed to Security

Reduce friction and automate processes so that end-users and administrators can focus their time on moving your business forward.

Next Level MFA

Duo continues to pioneer MFA-approaches that keep your business a step ahead of the next threat.

Protection and Productivity

Our Risk-Based Authentication reduces the burden placed on users so they can verify their identity quickly and get back to the task at hand.

Complete Coverage

Close the gap on your security perimeter and bring every user and every device under one secure roof.

Explore Customer Stories

Duo provides secure access for a variety of industries, projects, and companies.

Explore Duo Demos

Click through our instant demos to explore Duo features.

About Duo

Duo Security is part of Cisco Secure — find out how we make global security resilience easier than ever!

Explore Demos Contact a Duo Rep
Pricing
Duo Blog
Docs & Support

See All Duo Documentation

Getting Started with Duo

Duo Essentials Edition

Remote Access & VPN

See All Duo Resources

Events & Webinars

eBooks

Duo Videos

See all Duo Support

Support for Duo Users

Support for Admins

Additional Support Information
Admin Login

Contact Sales Free Trial

Authentication Methods: First Line of Defense

User authentication methods let your users verify their identity and access applications securely, no matter the circumstance. An employee left their phone at home? Need to authenticate without an internet connection? Want a passcode-free login experience? Duo’s got you covered. With so many ways to do it, we'll help you find the best authentication method for your business.

What are Common Ways to Authenticate?

Passwords are the most common authentication type—yet compromised credentials are the cause of nearly 50% of breaches. To reduce risk of data theft, phishing, and malware, single-sign on (SSO), passwordless, and multi-factor authentication (MFA) methods offer a number of authentication types to secure users' access to applications and resources.

Authenticator Apps

An authenticator app can be downloaded directly to your mobile phone. These apps allow users to prove their identity with a passcode or single tap. If an unauthorized user attempts to log in using their credentials, an authenticator app notifies the user and allows them to deny access, stopping the attacker in their tracks.

Passcodes and Tokens

Passcodes and tokens use a secret combination of numbers to prove your identity when trying to access an account or system. After entering your login information, a physical or digital token device generates a one-time passcode (OTP). The code is received via email, text, or a mobile authentication app and needs to be submitted to verify the user’s identity and grant access.

Biometrics

Biometric authentication relies on biometric data such as fingerprints, facial recognition, or retina scans to verify a user’s identity. This reduces the risk of password-related security issues and delivers a streamlined authentication experience.

What are Duo's Authentication Methods?

Duo Push

Duo Push is our most commonly used two-factor (2FA) authentication method, thanks to its simplicity and reliability. Users just download the Duo Mobile app and are automatically prompted to confirm each login attempt—all it takes is a single tap. For added security, users can complete Verified Duo Push by entering a unique code from the login device on the Duo Mobile app.

The New York Times Wirecutter named Duo the best two-factor authentication app. See how Duo can protect your accounts in the links below.

WebAuthn and Biometrics Authentications

Duo authentication methods allow users to physically authenticate using a built-in biometric authenticator, such as TouchID, via WebAuthn. For devices without a built-in biometric sensor, USB-based Fast Identity Online (FIDO) security keys can bridge the gap.

Learn More About Using Biometrics and Security Keys With Duo

Tokens and Passcodes

Duo also accommodates more traditional two-factor authentication (2FA) controls. Users can confirm their identity using a secure passcode generated by a physical token, a mobile device, or a network administrator.

Learn About Using Tokens and Passcodes with Duo

Frequently Asked Questions (FAQ)

Expand All

What are the Three Main Types of Authentication Methods?

Combinations of these authentication techniques are often used for MFA and 2FA authentications.

Something you know: This knowledge-based method relies on something the user knows, such as a password, PIN, or personal security questions.
Something you have: This method verifies user identity through a physical item the user possesses, such a mobile phone, a security token, or a smart card. The item either generates or receives an OTP or serves as a physical key.
Something you are: Biometric authentication types, such as fingerprints and facial recognition, can be used to physically verify the user’s identity.

What are the 3 A's of Authentication?

Authentication is a multi-layered security tool. Following the Authentication, Authorization, and Accounting (AAA) framework can help manage user access, enforce access policies, and improve the system.

Authentication: As the first process in securing user access, authentication provides a way for the user to verify their identity. Several authentication methods exist, ranging from passwords to secure methods like MFA or single sign-on.
Authorization: In tandem with authentication, the user is authorized to access certain tasks or resources. For example, to change network configurations, a user must first be authorized.
Accounting: Accounting measures the resources used during a user’s access, like session duration or data use. User behavior and system usage data can be used to improve both security authorization controls and resource utilization.

See Duo's MFA methods in action with a free trial.

Try Duo's MFA