Skip navigation

Effective October 28, 2019 Duo Security will be transitioning to Cisco's Privacy Statement. View the Duo Privacy Data Sheet.

Two-Factor Authentication Methods

Support Every User

Authenticate anywhere, anytime, with any device using Duo’s options for two-factor authentication methods. Two-factor authentication lets you verify your users’ identities before they log in to protect against phishing and other identity-related attacks.

U2F Security Tokens

Universal 2nd Factor (U2F) allows users to tap a USB device to log into their accounts securely. The device protects private keys with a tamper-proof secure element (SE).

Learn More About U2F

Phone Callback

No texts? No problem. Duo will call your cell phone, landline or car phone. All you need to do is answer and press a key to quickly authenticate.

Learn More About Phone Callback

Mobile Passcodes

Duo uses HOTP to generate codes for all application integrations. Duo Mobile also generates time-based one-time passcodes (TOTP) for third-party sites that support it.

Learn More About Mobile Passcodes

Duo Push

Secure Two-Factor Authentication

Duo Push lets you quickly approve login requests via your smartphone and smartwatch using the Duo Mobile app. Just tap “Approve” and you’re in.

We strongly recommend using Duo Push as your second factor, a more secure method that can protect against man-in-the-middle (MITM) attacks. Duo Push is resilient against credential-stealing attacks, including bypasses of one-time passwords.

Learn More About Duo Push

Hardware Tokens

We support all OATH HOTP-compatible tokens and YubiKeys for users that still need to use physical hardware tokens.

Learn More About Security Tokens

SMS Passcodes

No internet? No problem. Receive a passcode on your phone by text message, and authenticate by typing it into your secondary login prompt.

Learn More About SMS Passcodes

Bypass Codes

We provide bypass codes, useful for lost devices or to provide temporary, single, event or time-based access for contractors.

Learn More About Bypass Codes


WebAuthn allows you to use the built-in TouchID fingerprint reader on MacOS laptops for MFA to securely log into your Duo-protected accounts.

Learn More About Biometrics
  • “The thing that I personally love about Duo is, the interface is absolutely slick. You just can’t beat the fact that it’s one touch, one button, one press.”

    — Paul Pieralde, Principal Product Security Engineer, Eventbrite
  • “It has been very easy to direct users to download and use the Duo-Push phone app. Management is easy using Duo’s web interface and we can gain insights into usage with the reporting tools.”

    — Joe Menendez, Senior Developer, DataComm Networks Incorporated