Using an authenticator app will help keep your company and personal data safe. Secure all of your devices with one simple and easy authentication app: Duo Mobile, a two-factor authentication (2FA) and multi-factor authentication (MFA) solution.
It's fast and easy to log in securely with Duo Push, the more secure method of two-factor authentication supported by Duo Mobile. With Duo's single-tap, user-friendly interface, users can quickly verify their identity by approving push notifications before accessing applications. It's just as quick to deny an unfamiliar login attempt, so users can easily stop fraudulent attempts to access company data.
Duo Mobile can also generate time-based one-time (TOTP) passcodes that users can type into their login prompt to complete the two-factor authentication process.
Before Duo, we had hundreds, if not thousands of attempts to compromise user accounts almost daily. Since implementing Duo, we don’t see it as much. Not only is Duo a second line of defense but it also scares the attackers off. Read the Customer Story— Aaron Thalman, Security Engineer, IDEA Public Schools
A 2FA mobile app is a smartphone application that helps users log on to other apps with more security. Two-factor authentication is a type of tool used to verify an online user’s identity. There are a variety of different types of second factors, or ways to verify said user’s identity. For instance, some 2FA apps require users to verify their identities with their fingerprints, or biometrics.
Other 2FA apps utilize push notifications, which require identity verification with a non-biometric tap of the screen. Some 2FA apps, like Duo Mobile, combine location-based identity verification with push verification, sending users a reading of their location and the option to tap the screen to confirm.
When a Duo Mobile user from Austin, Texas logs on to Salesforce on their work computer, they receive a notification from their 2FA app. When they open the notification, they see that their location-based authentication reading is coming from Austin, Texas. The user is in the location their 2FA app identified, so they can confidently tap their screen and verify their identity when they log into Salesforce.
If that same user receives a Duo Mobile notification to verify a Salesforce login when they have made no login attempt themselves, they know that a bad actor is trying to access their data. When they open the 2FA app to view the notification, they then see that the login attempt came from Kraków, Poland. They now have the location of the bad actor and can immediately report the malicious behavior to their company’s administration.
The Duo Mobile App helps users take an active role in protecting their accounts.
By providing a security score of users’ devices, Security Checkup empowers users to maintain the security hygiene of their mobile devices via Duo Mobile notifications. This feature is available on iOS and Android through Duo Mobile.
Provide your users with the ability to back up and restore their Duo Mobile app with Duo Restore. This feature allows Android and iOS Duo Mobile users to back up their Duo-protected accounts and recover them when they get a new device — no help desk ticket needed.
From an end user standpoint, using a 2FA mobile application is a simple but important part of securely accessing data. After a 2FA app has been properly installed onto a user’s device, be it a personal device or company-managed device, they then can enroll their individual logins in the service.
Some 2FA solutions like Duo integrate seamlessly right out of the box. After setup is complete, the user will be asked to confirm their identity at every login by use of their 2FA mobile app. That means that when the end user logs onto Microsoft Outlook, their device that the 2FA app is installed on will now prompt them to verify their identity before granting them access to their emails.
Multi-factor authentication apps and two-factor authentication apps are identical except for one key difference: how many different types of verifications are used. While 2FA refers to a second or additional identity verification method added to a password or PIN, MFA refers to verification that uses more than two additional identity verification methods. This means that a 2FA app is a type of MFA app. Let’s break it down a little further:
MFA is an access security solution. There are multiple ways to verify with MFA (push notifications, biometrics, location, etc.). MFA is often used in authenticator apps to support other factors of verification, or by itself. In short, MFA is simply 2 or more verification methods added to a password or pin.
Example: A user logs on to their Gmail account with their username and password. Their MFA app asks them to both verify their location and provide their fingerprint before granting them access to their account.
2FA is also an access security solution. Like MFA, there are multiple ways to verify with 2FA (push notifications, biometrics, location, etc.) 2FA is often used in authenticator apps as well. All this said, 2FA is actually a type of MFA, but instead of using multiple factors of verification, 2FA only refers to MFA that uses single verification method added to a password or pin.
Example: A user logs on to their Gmail account with their username and password. Their 2FA app asks them to verify their location before granting them access to their account.
Duo Mobile supports multiple authentication controls — from push notifications, to biometrics, to passcodes — while maintaining a consistent, intuitive user login experience. Allow your users to choose the method that best meets their needs and easily update their preferences at any time.
Duo Mobile works with Apple iOS and Google Android. Download Duo Mobile for iPhone or Duo Mobile for Android - they both support Duo Push, passcodes and third-party TOTP accounts.
Duo Mobile works on all the devices your users love — like Apple and Android phones and tablets, as well as many smart watches. Duo Mobile also supports biometric authentication, an additional layer of security to verify your users’ identities.