Bob Bentley Senior Product Marketing Manager.See additional information on Duo’s Windows login capability here. Customers do not need to buy any additional licenses for users who use offline MFA. Administrators decide which groups of users can use the offline MFA option. The offline MFA for Windows is available as part of all Duo product editions (Duo MFA, Duo Access and Duo Beyond) at no extra cost. The user’s private key never leaves the hardware, and cannot be used for any other reason. The user’s private key is embedded on the U2F device hardware in a tamper-proof way. At enrollment time, a public/private key pair is generated for each user (a separate pairing for each unique application to be protected). The U2F security key option makes use of asymmetric cryptography. “This use case and integration expands many benefits of U2F for secure login without compromising security or usability for offline support that we are excited to see.” “With the introduction of this new feature, Duo provides a unified solution for offline, online, and web login using a single service and the YubiKey for strong hardware-backed two-factor authentication,” said Jerrod Chong, SVP of Product at Yubico. Once enrolled with Duo, a simple tap or button press on the key provides a second authentication factor to validate a user’s identity at login - similar to the one-tap convenience of online U2F login that users are already familiar with. Learn more about U2F.Ī YubiKey or other standard U2F security key is plugged into the user’s USB port. Universal 2nd Factor, or U2F, is an authentication standard developed by the FIDO Alliance that is designed to be open, secure, private and easy to use. This works for users who don’t or can’t use a mobile device.ĭuo is the first and only security vendor to deliver offline MFA based on U2F security key technology. The advantage here is that it is extremely easy to use (just touch the key when prompted on screen). The second option: users can opt to use a standard physical U2F security key (such as Yubico’s YubiKey). Watch how passcodes work with Duo Mobile in this video: This has the advantage of being very familiar for users who already use the OTP option in the Duo Mobile app on a regular basis. The first option: users can choose the one-time passcode (OTP) method in their Duo Mobile app. Both authentication methods achieve Duo’s high standards for ease of use and provide industry-leading security. Two Usage OptionsĬustomers have the option to choose between two different ways to use Duo offline MFA for Windows. One customer’s story about their rollout and use of offline MFA is located here. We also hosted a heavily-attended customer webinar, recorded here, where we addressed many common customer questions. See our previous blog posts on the subject here and here. We’ve seen overwhelmingly strong interest from customers in the run-up to release. Here’s a few examples of different types of users and user scenarios that Duo now supports:Īn executive or salesperson who works offline or must securely log in to the (offline) computer before connecting to the in-flight Wi-Fi or hotel Wi-FiĪn engineer or contractor at a customer site where they are not allowed to use Wi-Fi or internet, or where there is no internet availableįederal contractors fulfilling requirements for Defense Federal Acquisition Regulation Supplement - Controlled Unclassified Information (DFARS-CUI) This is critical to support users whose job requires them to be temporarily offline, but who still need to perform 2FA to log in to their Windows computer. Duo’s offline MFA for Windows allows end users to perform 2FA even while they are temporarily disconnected from the internet. We’re pleased to announce the general availability of our offline MFA for Windows laptops, desktops and servers. There are two ways to use it - both of them easy to use and highly secureĭuo is the only company to offer Universal 2nd Factor (U2F)-based offline MFAĪvailable now to all Duo MFA, Duo Access and Duo Beyond customers at no additional cost Product & Engineering NovemBob Bentley Offline Multi-Factor Authentication for Windows is Now Availableĭuo’s support for offline multi-factor authentication (MFA) for Windows has shipped
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |