Question
What is Duo Verified Push
Answer
Duo Verified Push is when you are prompted to enter six digits during the Duo MFA sign-in process. This occurs when a risk has been identified during authentication. https://duo.com/docs/policy#verified-push
Authentication will happen normally, unless Duo determines an authentication attempt is unusual or higher risk through a combination of factors:
- Push Harassment – Multiple successive push notifications to bother a user into accepting a push for a fraudulent login attempt
- Push Fatigue – Constant MFA means users pay less attention to the details of their login, causing a user to mindlessly accept a push login
- Login location & Impossible Travel - example: log in from South Dakota & Germany in the same hour
- User denying authentication repeatedly or reporting fraud
If a risk has been found, you will see a numeric six-digit code on your screen that must be entered on your authentication device to approve the Duo Push request. This ensures you cannot accidentally approve login requests when your aren't actively logging in to the application.
What does it look like
What if I don't use the Duo application?
The following factors may be used during a high risk authentication if the app is not available:
- Roaming Authenticators - FIDO2-compliant WebAuthn security keys (ex. Yubikeys)
- Platform Authenticator - Touch ID using compatible browsers (ex. Chrome or Edge)
If you need further assistance, please submit your question here