Cisco Multi-Factor Authentication (Duo Security) Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
82 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.1 out of 100

Do you work for this company? Manage this listing

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (26-41 of 41)

Anonymous | TrustRadius Reviewer
June 19, 2018

Great security product that you should already have in place

Score 9 out of 10
Vetted Review
Verified User
Review Source
Duo is used by our entire organization as a whole. We use SSO in our organization very strongly so having Duo as our 2-Factor provider gives us an extra layer of security for our teams and organization.
  • Ease of Use
  • Ease of Implementing
  • Analytics Duo gives on devices and user activity.
  • When a user loses or breaks their device it can sometimes be a headache even with their do-it-yourself portal.
  • 2 Factor Push and Calls have issues in lower developed areas such as the Africa and Philippines with their current carriers.
  • Limiting access per region or country would be nice.
Simple setup on the IT side and easily managed. Few quirks to work out but over all a fantastic product.
Read this authenticated review
Anonymous | TrustRadius Reviewer
August 29, 2018

Duo - Effective, Simple and Reliable Two-Factor Authentication

Score 9 out of 10
Vetted Review
Reseller
Review Source
We use it for all our staff for secure authentication. Whether its email or SaaS applications we utilize Duo to make sure that we limit potential for unauthorized access.
  • Very simple
  • Flexible (swipe, call, or text) responses
  • Reliable. We have not experienced an outage of service in the 2 years we have been using it.
  • You cannot use same device across different organizations.
Well suited for anyone concerned about unauthorized access to systems and data. May be less suited for 1 or 2 person shops.
Read this authenticated review
Kayla Gillespie | TrustRadius Reviewer
May 23, 2018

Duo safeguards our data

Score 9 out of 10
Vetted Review
Verified User
Review Source
Duo is used to provide secure access to our company's information via access to our cloud apps behind multi-factor authentication. It protects company emails.
  • Provides a robust form of multi-factor auth to protect sensitive data like emails and cloud-stored data.
  • Prevents phishers from gaining access to company emails and sending spam even if an employe happens to fall for a phishing scam.
  • Authentication is created by the user with minimal work/intervention from IT after the initial set up.
  • The mobile app could be improved. It is slow to load and the notifications sometimes don't appear requiring the app to be completely opened.
  • The remember device option sometimes re-triggers early, resulting in requiring re-authentication more often.
This is most useful if you are accessing sensitive information like a company email or personal info like addresses, phone numbers, etc.

This might not be necessary to implement for employees that do not have access to that information regardless as that would only impede them from doing their jobs by adding an extra step.
Read Kayla Gillespie's full review
Debbie Johnson | TrustRadius Reviewer
December 28, 2017

Duo - Easy User Adoption

Score 10 out of 10
Vetted Review
Verified User
Review Source
Duo Security is used for two factor authentication for outside connectivity to internal resources across our entire organization, including any third party vendor access for support services.Users use the Duo app on their iPhones. Support vendors use a key fob we purchased specifically for them. Two factor authentication obviously is much safer for external access.
  • User functionality is simple. Our users love the ability to use their iPhones for the authentication.
  • User access is quick. We have had no reports of sluggishness or timeout issues when logging in and no downtime reported for the functionality in the year that we've used the service.
  • Bypass option in Duo is easy to administer when you have to make an exception for a user to bypass the two factor authentication (for example someone lost their iPhone but needs to work remotely until the new phone arrives).
  • Some of the applications that Duo works with offer users the ability to send them a 'push' - which means their iPhone app pops up automatically for them to simply check and approve or not approve button to allow remote access. Users love this. I wish all applications would allow Duo to do this so it was consistent for users. It's even easier then having to enter the PIN code from the app.
  • We have found that the license count on the admin interface is sometimes wrong, counting devices instead of users - but we pay for licenses based on users - so it's sometimes difficult to track properly.
  • It would be nice that users didn't use Duo for 90 days or some period, they would fall off the active license use count. We have all of our users setup in case they need to work remotely, so we find we pay for more access licenses than we actually use in any given period. We have about 30% of our users that have never used it, but we continue to pay for the licenses as a business model decision - but some companies do offer 'active' license count pricing only.
We use it with our Cisco VPN, Citrix, and OWA. For vendors, such as a remote outsourced HelpDesk, we sent a key fob. It's worked great for everyone with everything we've setup so far. Their support has been helpful with the setup as well.
Read Debbie Johnson's full review
Craig Lockley | TrustRadius Reviewer
November 16, 2017

DUO Security - 2 Factor Authentication that works!

Score 9 out of 10
Vetted Review
Verified User
Review Source
Duo Security is used as a 2-factor authentication method when accessing a server locally or remotely via SSH. This is especially true with Linux based servers that contain mission critical functions or sensitive data. This enables the admin users to access the systems they need while keeping intruder users out. It also solved a very real issue around VPN users who now are required to have 2-factor authentication. You can build all the necessities to lock down your network from outside intrusion, but a simple mistake from an end user to accidentally write or share their credentials can defeat any and all efforts you or your team have made.

Duo Security is also very viable for specific use cases such as VPN Access, Administration Access to servers, working in conjunction with a RADIUS server, use of hardware tokens as well as mobile 2-factor text messages. The list of ready to use applications with easy setup is extensive and well documented.

The Duo Security authentication proxy has not been the easiest for integrating into our network however, once it was installed and working, everything just sort of fell into place.
  • Easy and ready to use solutions for popular systems such as Cisco, SonicWall, Windows services, OpenVPN, and some of the most popular password managers.
  • It provides hardware tokens and U2F devices if a mobile device isn't available. Hardware tokens can sometimes be confusing or very in depth to integrate where Duo Security can make this very easy.
  • Policy driven administrative control of the users and which devices they should use or applications to use. They can be defined on a system wide or application level.
  • They offer a great and in depth process and documentation around popular systems, but that may leave you feeling stranded when attempting to use with other devices not listed. For example, MikroTik routers are not officially supported nor was it easy to connect to our LDAP servers without an additional RADIUS Server on top of the DUO Security Proxy.
  • Adding in multiple devices per user is a great feature since not all users will have their phone with them or a Hardware Token with them. It was easy to setup and use but found it difficult to tie one application to one user with multiple devices which can be used to authenticate.
  • Cost of telephone messages are a bit expensive compared to other competitors.
If you use applications or servers already supported by DUO Security. Its a no brainer. If you have routers or security appliances, or even applications that aren't supported then further investigation into implementation viability should be completed. It's always best to do your research first, followed by a real time test implementation before following through with purchasing DUO Security. This is particularly true for VPN Access. For local site or remote system access (via SSH or other protocols), DUO Security is one of the best solutions out there.
Read Craig Lockley's full review
Scott Aldinger | TrustRadius Reviewer
November 28, 2017

Duo Factor Authentication.

Score 10 out of 10
Vetted Review
Verified User
Review Source
Duo is currently being used to to increase security for administrative systems, and those with sensitive information. It's used mostly, but not exclusively, within the internal IT staff. It's also being tested (and working well) as part of the login process with an F5 glb apm for our virtual desktop infrastructure.
  • Very fast response times.
  • Multiple verification methods.
  • Easy to recover accounts.
  • The call me verification, if going to a cell phone, is a vulnerability.
Seriously? Duo or any 2FA should be used anywhere you need to log into something. Passwords alone haven't been sufficient for some time now.
Read Scott Aldinger's full review
Jason Conrad | TrustRadius Reviewer
November 28, 2017

Duo for Dual- Easy and Intuitive!

Score 8 out of 10
Vetted Review
Verified User
Review Source
We used DUO across our organization as a dual factor authentication solution for all VPN and remote desktop logins. Intuitive User interface and Push Notifications gave us a safe and easy to use solution to ensuring safety and security of information of our employees, clients, and companies sensitive information.
  • Easy to use intuitive interface
  • Multiple client devices
  • Dual Factor Authentication
  • Although rare, Authentication loops or slow response can occur.
I would recommend using DUO Security as a dual factor authentication solution for small to midsize organizations when considering software for VPN and remote desktop capabilities.
Read Jason Conrad's full review
Tim Enders | TrustRadius Reviewer
February 23, 2017

Duo Security offers best in class protection AND best in class ease of use.

Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Duo Security as our enterprise 2 Factor Authentication (2FA) system at Loyola University Maryland. We currently protect our remote application delivery system, as well as our SharePoint portal and our Office 365 implementation with Duo. Some departments also have additional uses - our Computer Science department protects all remote Linux/UNIX SSH access with Duo, and our IT department protects our password vault with Duo.
  • Duo Security offers what I consider to be best-in-class security architecture, and was designed that way ground up (no RSA-like problems where all of your users' keys can get owned). Their cryptographic implementation is also best in class.
  • Duo Security is incredibly flexible and easy to use for end users. Duo offers a solution that will work for every user. We have had very few issues with adoption from our user base.
  • Duo Security is incredibly easy to implement on the back end. It's cloud-based, and the administrative interface is quick to learn. Setting up applications with Duo typically only takes a few minutes for basic configuration.
  • Duo's reporting facility could be better. Some general reports are easy to get, but the built in interface is limited. To do any real reporting you have to download logs as a CSV or the like (which is actually really easy) and then do reporting in Excel or another similar method.
  • Duo doesn't log an authentication attempt in their main authentication log unless that authentication is completed. A user can try to authenticate via a phone call or text message, for example, and while those are entered in the telephony log, unless the user responds to them and completes authentication, the attempt is not written in to the main authentication log.
Duo Security is extremely well suited to environments such as Higher Ed where the user base is used to a certain amount of control over their own experience and is resistant to change. Because of the flexibility of Duo and the wide number of supported second factor methods, there is a way to use Duo that will work for everyone, including the most stubborn of users. It's also well suited to a shop where there are limited resources to devote to a 2FA implementation, but it is robust enough that some of the biggest companies in the world use it as well.
Read Tim Enders's full review
Jerry Robinson | TrustRadius Reviewer
February 13, 2017

Rest Easy, Feel Secure with Duo Security

Score 9 out of 10
Vetted Review
Verified User
Review Source
Duo Security is used to provide second form-factor authentication for remote access to our corporate information, either through Citrix or Cisco VPN. It is used by any authorized user across the enterprise controlled by membership in a specific active directory group. With Duo Security, we have addressed the need to ensure that access to our resources, specifically our EMR, is granted only to authorized individuals.
  • Duo Security allows a great deal of flexibility.
  • Duo Security allows a variety of ways to provide the authentication; push notification, SMS notification, or passcode.
  • Duo Security integrates with several applications and is simple to use.
  • Some of the reporting could could use improvement.
  • Log review could benefit from the addition of filters. As things are in the version I have, to see the detail I want, I often have to export the logs to CSV and create my own filters/sorting in Excel.
  • Duo Push doesn't always make it to the phone. Often this is due to poor data access on the part of the end user but, on rare occasion, data is available but the push notification doesn't make it. This results a timeout for the user causing login failure.
Duo Security is well suited for any organization that is subject to external compliance requirements or even those who simply want to be sure that the person accessing their network is who they say they are. Though we use it only for external connections, it could easily be used to validate internal connections.
Read Jerry Robinson's full review
Roger Gray | TrustRadius Reviewer
August 01, 2017

Doing it right the 1st time with DUO Security

Score 9 out of 10
Vetted Review
Verified User
Review Source
Duo Security provides an excellent solution for Out Of Band Authentication. Duo also allows you to manage multiple applications across the Duo platform to expand OOB Authentication.
  • Duo provides flexibility in OOB authentication by allowing the use of mobile devices, one-time PINs and predetermined call back numbers.
  • Honestly I have a hard time coming up with a con for Duo security.
Duo is a perfect fit for VPN or remote desktop application authentication.
Read Roger Gray's full review
Steve Turner | TrustRadius Reviewer
July 22, 2016

Duo is fantastic next generation multifactor platform!

Score 10 out of 10
Vetted Review
Verified User
Review Source
Ideally, we had a gap when it came to implementing a multi-factor solution. We were looking for one that was easy for our employees to use, easy to implement, and had low support overhead. Duo fit all of that criteria and more!
  • Easy to use and authenticate!
  • Extremely easy to implement and set up!
  • Awesome technical support should you run into any issues!
  • Duo could use a user portal for enrollment and device management.
  • It's not a traditional setup compared to RSA, etc. It takes some flushing your brain of previous setups.
  • There's no AD integration with the administrative pieces of the product.
Duo is perfect if you're looking to reduce end user support calls, want something with less overhead than RSA, and something that's both easy to use and easy to implement.
Read Steve Turner's full review
Kenny Mai | TrustRadius Reviewer
March 10, 2016

Duo Security - Why Use Anything Else?

Score 10 out of 10
Vetted Review
Verified User
Review Source
Duo Security is being used across all of the Durst Organization as a means to authenticate users attempting to log into our remote desktop server or our Outlook Web Application client. Duo Security is a critical security measure to ensure that only the appropriate users are logging into our system while not in the office or on machines connected to our domain.
  • Duo Security setup for end users is easy. Simply email or text the user and their account is ready to go in seconds.
  • If you already use Duo Security, additional accounts can be added and managed simultaneously. Adding accounts is also easy, simply point the device at the generated QR code.
  • Authentication occurs at near-instant speed. No waiting around for messages to ping back and forth.
  • The ability to rename or give nicknames/aliases to different accounts would be a convenient feature.
  • Fingerprint authentication would be a great feature to add.
Duo Security is simple and lightweight, well suited for almost any scenario.
Read Kenny Mai's full review
Anonymous | TrustRadius Reviewer
May 18, 2018

Duo Thumbs Up for this Two-Step Authentication

Score 10 out of 10
Vetted Review
Verified User
Review Source
Duo allows our entire company to successfully access specific tools that require a two-step authentication. This helps protect our company from potential hacking attempts and ups security for sensitive information. It also makes it easy for users to complete two-step authentication and limits the time spent trying to complete a task like opening an email, hunting down a security code, or waiting on a text message to authenticate.
  • The mobile app is spectacular. Very straightforward, easy to use, and the push notifications on a locked screen save so much time when it comes to authenticating.
  • Adding the tools that need to be added is as simple as scanning a QR code, which makes it a lot less complicated than competitors
  • Allowing more applications to partner with the app, making it where it could handle ALL of your two step-authentication.
Any large company wanting to add an extra layer of security to specific tools. It's great for a tech company, but also easy enough to use for a company with non-technical users. While it will work for smaller companies, and would still be a great tool, I would think companies larger than 200 would benefit the most from the tool since they more than likely are using more tools that would integrate.
Read this authenticated review
Anonymous | TrustRadius Reviewer
December 12, 2017

DUO - Simple and Fast

Score 9 out of 10
Vetted Review
Verified User
Review Source
We use it for multi-factor authentication for our critical systems. It's used across the organization for both full time employees as well as contractors, and even in some cases, customers. It helps us mitigate potential compromise issues with user names and passwords, and adds an additional layer of security. Additionally, [there is a] pretty low impact to users and productivity.
  • It's very responsive/quick. The authentication prompt on your phone comes up within a second, and after authenticating (approving) access is granted almost immediately.
  • The user interface on the phone is straightforward and easy.
  • Installation isn't very complex, though we had a few minor issues.
  • Installation on the phone has run into a few issues, but nothing we couldn't fix by a re-install or a quick call to support.
  • More native application integrations would be good. Though they have quite a few today (SFDC, MSFT, etc...).
  • A bit easier to integrate into custom applications, though some of our apps are pretty old.
I can't think of an area where it wouldn't be well suited, except for automated or services related use cases. It's really simple to use once installed, and very quick. Also we have only had one outage in the past two years, which lasted about 75 minutes. We were able to bypass Duo Security for that time being.
Read this authenticated review
Anonymous | TrustRadius Reviewer
November 09, 2017

Security taken seriously !!

Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Duo Security across the organizations for logging into our network. We take security seriously and have enabled second-factor authentication recently for all our internal users (even on LAN). Duo integrates well with all the modes and mediums. "Push" comes handy when you don't have to remember the one time token. It is easy to install and simple even when you switch your mobile. Very effective and secured.
  • It not only integrates well with the laptops but also the mobile devices. Whoever wants to access emails securely on mobile can use Duo. This is the best feature of Duo.
  • Push makes it simple to use it on a daily basis.
  • Sometimes the app hangs and as a result, multiple requests are submitted and unless all the requests are approved, the user is not authenticated. This is an area of improvement.
  • The SLA/turnaround time has to be improved.
The app works best. People who do not want to use the app can get the device.
Read this authenticated review
Anonymous | TrustRadius Reviewer
August 15, 2017

Hooray for DUO!!!!

Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Duo Security to let the staff access PeopleSoft Oracle function. It is being used in all departments in our university. Since we are dealing with student grades, and student money, we want to make sure that whoever is granted access to our system is being tracked. I am one of the 4 administrators of the system. So far it is working very well. We plan to implement it for the faculty also. People are still reluctant to use their own cell phone for the 2-factor authentication that is being used. So we offer to them the landline phone in their respective department.
  • If for any reason, someone loses his/her phone and someone else is using it to access the system, the minute they try to authenticate an email is sent to us telling us that security has been breached.
  • If the user loses his/her phone, he/she still can authenticate using the landline.
  • A pass code can be given to them if they have no phone at all. This can be used remotely, i.e. home or outside the country.
  • Right now we are using the client. We anticipate the time when we will be using the web environment.
  • We use to go to each user to implement the functionality. Now, that we have implemented it into our website, someone can actually enroll him/herself and enter their phone and start right away.
  • One of my main concerns is the telephone credits. If we do not use our own phone, we incur 2 credits for each landline call made for Duo Security. If you multiply this by thousand of customers that we have, that is the big number. We must renew our credit as they lower down.
So far, I have seen Duo Security being implemented in universities and banks. I really do not think it is appropriate for small businesses.
Read this authenticated review

Cisco Multi-Factor Authentication (Duo Security) Scorecard Summary

About Cisco Multi-Factor Authentication (Duo Security)

Cisco Multi-Factor Authentication, based on Duo Security, is a two-factor authentication system (2FA), acquired by Cisco in October 2018. It provides single sign-on (SSO) and endpoint visibility, as well as access controls and policy controlled adaptive authentication.

Cisco Multi-Factor Authentication (Duo Security) Technical Details

Operating Systems: Unspecified
Mobile Application:No