Duo supports several different authentication methods based on the device that the user has enrolled.
Push Notification Authentication
Push notifications are sent to the device directly and the user may just press a button on their Duo Mobile app to login.
Supported by the following Devices:
- Mobile Phone
A notification is presented on the user's phone and the user may just press the accept button on their phone to authenticate.
A six digit authentication code is present on the Duo Mobile app on the device at all times. User has to enter the code to authenticate.
Every device type can enter some kind of passcode.
Phone Call Authentication
User can click on the "Call Me" button to have Duo issue a phone call to the user. Pressing any button after answering the call will authenticate the user.
The "Call Me" button is available for the following device types
- Mobile Phone
Hardware Token Authentication
User's may generate either a six digit or eight digit passcode on their physical hardware tokens.
Entering the token (within the appropriate amount of time) will authenticate the user.
*Note: If the user is using a YubiKey hardware token then they can authenticate by placing focus on the passcode field and simply tapping the device with their finger. If the hardware token configuration was written into slot two of the YubiKey, then the user must hold the finger over the device for at least two seconds.
U2F Token Authentication
U2F tokens allow the user to insert a physical USB device into their computer, and then simply tap the device to authenticate.
When a U2F device is registered with the user, the browser will automatically prompt the user to insert the security key.