What changed with Duo 2FA prompts?

Overview

The Duo Universal Prompt is the next-generation version of Duo's interactive, web-based authentication. The new prompt is more adaptive and contextually aware, providing additional security, while being easier to use and more accessible for clients. Other than a visual change, the most obvious difference that clients will experience is that instead of showing the Duo prompt within the sign-in page, clients will be redirected to a page hosted by Duo at duosecurity.com to show the Duo prompt, and then redirect back to the protected application after two-factor authentication is completed.

  • The new Duo Universal Prompt will live alongside the existing AITS Duo iFrame, which will be presented when accessing AITS applications (Banner, HR Reporting, My UI Info, NetID Center, Direct Deposit, etc.).
  • Clients can enroll in 2FA for the first time via the Duo Universal Prompt, even while off-campus.
  • The Duo Universal Prompt helps keep clients secure by automatically choosing the most secure authentication option by default.
  • Clients can manage devices from a Duo Universal Prompt window, avoiding the need to visit a different page. In addition, the Duo Universal Prompt enables clients to enroll and use more secure authentication devices such as WebAuthn/FIDO2 security keys.
    Note:
      • Hardware tokens purchased from the Webstore must be initially enrolled in the NetID Center. The tokens can then be used at either Duo prompt.
      • Clients bringing their own compatible WebAuthn/FIDO2 Security Key can only enroll and use the device via the Duo Universal Prompt.
      • Yubikey 5 NFC devices sold through the Webstore can be set up as a hardware token through the NetID Center and as a WebAuthn/FIDO2 key via the Universal Prompt.
         
  • The Remember Me function of Duo is functionally the same as before, but now it will ask you 'Trust this browser?'.
    • This will reduce the amount of times you have to authenticate with Duo.
    • Do not trust the browser when using a public or shared computer! Trust the browser only when you access applications from your own computer.
    • You'll see this prompt when logging in via desktop apps such as Outlook or Teams as well. 
    • More information can be found here: MFA, Remember Me

2FA Topics

Visual Difference
(New) Duo Universal Prompt AITS Duo iFrame
Duo Universal Prompt AITS Duo iFrame

 

0% helpful - 1 review
Manage 2FA

Details

Article ID: 2672
Created
Tue 3/14/23 9:46 AM
Modified
Tue 2/20/24 7:30 PM

Related Services / Offerings (1)

2-Factor Authentication
2-Factor Authentication is a method of confirming your identity by utilizing something you know (password) AND a second factor.