2FA: Two-Factor Authentication

Two-Factor Authentication, also known as 2FA or Multi-Factor Authentication (MFA), is an additional layer of authentication beyond a username and password. 2FA involves something you know (password) plus something you have with you (like Duo Mobile on your smartphone) to prevent someone from logging in with only your password. With Duo 2FA, you still enter your username and password. The second factor provided by Duo is simply an added layer of security on top of your existing credentials. We recommend using Duo Push via the Duo Mobile app to perform 2FA.

By now, most people in business have experienced some kind of 2FA in their day-to-day lives, whether it’s a text message to sign in to their bank or investing platform, or email confirmation with a code to complete the sign-in to an app.

What remains true, however, is that 2FA is not often deployed by small and medium businesses to protect their own resources, leaving their services and data exposed.

Without 2FA, it only takes one good phishing email for an entire company’s data to be compromised. We don’t know about you, but this sounds hella scary to us.

Enter Duo. Duo is part of Cisco, and is a wonderful solution that our team at Ook can deploy and manage for our customers in order to properly secure access to their resources.

We’d be happy to discuss your current situation, and get you on the road to better security and protection by implementing Duo.

Frequently Asked Questions (FAQs) about Duo

No. Having a smartphone makes for an easier and more secure experience with Duo Push. However, if your organization permits it, it is also possible to enroll a non-smartphone mobile device or landline to receive SMS passcodes or phone calls.

Duo Mobile is a mobile application (app) that you install on your smartphone or tablet to generate passcodes for login or receive push notifications for easy, one-tap authentication on your mobile device. It works with Duo Security’s two-factor authentication (2FA) service to make your logins more secure.

If you have a smartphone or tablet, we recommend Duo Push, as it’s quick, easy to use, and secure. See an introduction to Duo Security and a demonstration of Duo Push in this short video:

Duo Push authentication requests require a minimal amount of data — less than 2KB per authentication. For example, you would only consume 1 megabyte (MB) of data if you were to authenticate 500 times in a given month.

No. The Duo Mobile app has no access to change settings or remotely wipe your phone. The visibility Duo Mobile requires is to verify the security of your device, such as OS version, device encryption status, screen lock, etc. We use this to help recommend security improvements to your device. You always are in control of whether or not you take action on these recommendations.