Duo Security is a vendor of cloud-based two-factor authentication services.
Duo's service is free for personal use (up to 10 users); additional options are available for business and enterprise users. Duo's two-factor authentication system can be integrated with websites, VPNs and cloud services. The service can be set to work in conjunction with smartphones, personal computers, land lines and security tokens.
Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. Two-factor authentication increases the security of online communications by making it harder for a hacker to masquerade as an authorized user. Duo's authentication factors are the user name and password (something the user knows) and a device (something the user has). A hacker may be able to steal or guess the user name and password but without verification from the user's device will not be able to use the login information.
Here's an example of how Duo's two-factor authentication works: A website user logs into his account and accepts the option to sign up for the service. When he visits the site next he enters his username and password as usual. Duo sends a message to the smartphone or other device associated with that account; the response verifies the user's identity.
Duo two-factor authentication methods:
- One-tap authentication using Duo’s mobile app.
- One-time passcodes (OTP) generated by Duo’s mobile app.
- One-time passcodes delivered to any SMS-enabled phone.
- Phone callback to any phone.
- One-time passcodes generated by an OAuth-compliant hardware token.
Duo was founded in 2009 by Dug Song and Jon Oberheide, in Ann Arbor, Michigan. Companies that have deployed Duo's two-factor authentication systems include Facebook, Etsy, Yelp, Panasonic and Toyota.
See a video demo of setting up Duo's two-factor authentication on a smartphone: