Duo Security’s Blog

Our Product

Our Product

Simple Tools for Complex Security Needs

Connect and protect your employees, business partners and customers with identity-powered security.

Explore All Products

How Does Duo Work for You?

Get the security features your business needs with a variety of plans at several price points.

Duo for Small to Medium Businesses

Desktop and mobile access protection with basic reporting and secure single sign-on.

Duo for Enterprise

All Duo Small/Medium Business features, plus adaptive access policies, greater device visibility, plus advanced device insights and remote access solutions.

Duo for Federal Government

FedRamp authorized, end-to-end FIPS compliant, streamlined solutions.

Duo for State and Local Government

Meet compliance objectives with our friction-free MFA.

Compare Editions Ready to Buy Now?

Key Capabilities

Duo provides secure access to any application with a broad range of capabilities.

Duo Passport

Minimize authentication fatigue.

Cisco Identity Intelligence

Gain insights from your identity data.

Multi-Factor Authentication (MFA)

Verify the identities of all users with MFA.

Remote Access

Provide secure access to on-premise applications.

Device Trust

Ensure all devices meet security standards.

Single Sign-On (SSO)

Provide secure access to any app from a single dashboard.

Adaptive Access Policies

Block or grant access based on users' role, location, and more.

Explore Demos Contact a Duo Rep
Solutions

Solutions

Secure Access for a Variety of Industries & Use Cases

Duo’s security is customizable, easy to set up and simple to use, making it the perfect solution for a wide range of industries.

Explore Our Solutions

By Industry

Duo provides secure access for a variety of industries, projects, and companies.

K-12 Education

Higher Education

Finance

Healthcare

Legal

Retail

Technology

Federal Government

State & Local Government

Meeting Your Goals

Whether you're considering a big-picture security strategy like zero trust, or you want to address a specific threat like phishing attacks, Duo has you covered.

Continuous Identity Security

Stop sophisticated identity-based attacks while providing a seamless authentication experience.

Access Management

This set of tools and policy controls ensures only the right users have access to applications and resources and under the right conditions.

Zero Trust Security

A zero trust model establishes trust in users and devices through authentication and continuous monitoring.

Passwordless

Duo's comprehensive access security sets the stage for user-friendly, password-free multi-factor authentication.

Phishing Prevention

Secure your workforce against phishing attacks with strong multi-factor authentication, device trust and more.

Risk-Based Authentication

Duo’s dynamic solution detects and responds to potential threat signals to secure trusted users and frustrate attackers.

Explore Demos Contact a Duo Rep
Why Duo?

Why Duo?

Strong MFA Security that Doesn't Sacrifice Productivity

With Duo, you can have both, in a platform that integrates across your entire ecosystem. Every user, every device, no exceptions.

Why You Should Choose Duo

Have It All

Duo delivers peace of mind with strong security and increased productivity at an unmatched value.

Speed to Security

Reduce friction and automate processes so that end-users and administrators can focus their time on moving your business forward.

Next Level MFA

Duo continues to pioneer MFA-approaches that keep your business a step ahead of the next threat.

Protection and Productivity

Our Risk-Based Authentication reduces the burden placed on users so they can verify their identity quickly and get back to the task at hand.

Complete Coverage

Close the gap on your security perimeter and bring every user and every device under one secure roof.

Explore Customer Stories

Duo provides secure access for a variety of industries, projects, and companies.

Explore Duo Demos

Click through our instant demos to explore Duo features.

About Duo

Duo Security is part of Cisco Security — find out how we make global security resilience easier than ever!

Explore Demos Contact a Duo Rep
Pricing
Duo Blog
Docs & Support

See All Duo Documentation

Getting Started with Duo

Free Trial Onboarding Guide

Duo Essentials Edition

Remote Access & VPN

See All Duo Resources

Events & Webinars

eBooks

Duo Videos

See all Duo Support

Support for Duo Users

Support for Admins

Additional Support Information
Admin Login

Contact Sales Free Trial

Categories & Archive

A hacker's desk shows the tools of their trade and a laptop with a string of code on the screen.

September 30th, 2014 Thu T.

A History of Hacking: Timeline Infographic

Hacking has remained a fine-tuned craft of the ages; from a breach of telegraph messages in 1903 to the Target breach of just late last year, our ideas of security have evolved, as well as our tactics.

On the side of a shiny-windowed skyscraper, the word Bank appears in large three-dimensional letters.

September 17th, 2014 Thu T.

After a Data Breach: Who’s Liable?

Following the investigation into a breach, the unraveling of the mess afterward can take months, and even years to resolve. Learn who's liable in this situation by taking a look at the cases of Target and The Independent Community Bankers of America (ICBA).

August 26th, 2014 Thu T.

Protecting Against Critical Infrastructure Attacks: Nuclear & Otherwise

The Nuclear Regulatory Commission (NRC) was the target of three separate breaches, according to DarkReading.com and NextGov.com.

July 14th, 2014 Thu T.

Hard-Coded & Default Passwords: Gateway for Massive Attacks

According to an analyst at CERT/CC’s Vulnerability Notes Database, certain Netgear switches contain hard-coded passwords that can allow a remote attacker to authenticate to the web server running on the device.

Sneaky hackers creep around a data center causing trouble.

July 9th, 2014 Thu T.

Anatomy of a Data Breach (2014)

> When it comes to the 2014 Verizon Data Breach Investigations Report (DBIR), web application, cyber-espionage and POS intrusions topped off the list of most frequently occurring categories of data breaches.

Industry News

July 3rd, 2014 Thu T.

POS Remote Access Software: Vulnerable Without 2FA

Breaches of card data and point of sale systems often involve remote access management tools, as attackers scan for remote administration software, then use automated tools to break into weakly protected systems.

June 26th, 2014 Jon Oberheide

The PayPal 2FA Bypass: How Legacy Infrastructure Impacts Modern Security

> If you haven’t enabled two-factor on your PayPal account, you must like living dangerously. With the prevalence of phishing and other credential stealing techniques, relying solely on a password to protect your financially-lucrative accounts is a bad idea.

June 25th, 2014 Zach Lanier

Duo Security Researchers Uncover Bypass of PayPal’s Two-Factor Authentication

> Researchers at Duo Labs, the advanced research team at Duo Security, discovered that it is possible to bypass PayPal’s two-factor authentication Security Key mechanism, in PayPal nomenclature.

June 19th, 2014 Thu T.

Human Error Accounts for Over 95 Percent of Security Incidents, Reports IBM

According to the IBM Security Services 2014 Cyber Security Intelligence Index, over 95 percent of all incidents investigated recognize human error as a contributing factor.

June 16th, 2014 Thu T.

Two-Factor Authentication for Bank Wire Transfers

> In the case of large-scale retail data breaches, class action lawsuits have been brought against the corporations with claims that they did not implement strong enough security standards to keep consumer data safe.