Duo Push – Two-Factor Authentication (2FA)

Duo Push is a two-factor authentication (2FA) method provided by Duo Security. Instead of entering only a password, users receive a login approval request ("push") on the Duo Mobile app installed on their smartphone.

• The user simply taps Approve or Deny in the app.
• This method is considered both secure and user-friendly, since it protects against stolen or weak passwords.
• For higher security, Duo also offers Verified Duo Push, where the user must enter a three-digit code shown on the login screen into the Duo Mobile app before approval.

To use Duo Push as 2FA authentication, an application must first be configured at duo.com and the credentials stored in your system.

1. Log in as administrator at https://duo.com/
2. In the left menu, navigate to Applications → Applications.
3. Click Add Application.
4. From the catalog, select Auth API.
5. Enable the application for all users by choosing Enable for all users.
6. Copy the following values and enter them in your system’s Duo settings:
   • Integration key
   • Secret key
   • API hostname

Optionally, you can enable "Verified Duo Push". Users must then enter a 3-digit code for safer verification. You can adjust the policy in the Duo Admin Panel:

• Go to Application Policy (or Global Policy).
• In the panel Authentication methods, check the option Require a Verified Duo Push.

• Duo Mobile App: Each user must install the Duo Mobile app on their smartphone (iOS or Android).
• Enrollment: Users must be enrolled in Duo to be able to receive push notifications.
• Fallback methods: Besides Push, Duo can also provide passcodes, SMS, or phone call verification as backup.