|See also: CalNet 2-Step for information about using Duo MFA with CalNet CAS-protected web sites.|
We are running a limited deployment of Duo Security's Multifactor Authentication (MFA) service for campus IT staff for non-web integrations. To help manage user administration, we are asking for two designated admins per IT staff group. These admins will be responsible for enrolling their IT staff and administering their integration with Duo services.
Please provide the following in a note to email@example.com:
- names and SMS-capable phone numbers for the two new admins (one primary and one backup) for your group
- proposed group name in the Duo Admin app
Recommendations for admins
- Create and use a Duo group to keep your users and Duo integrations (applications) together for ease of applying policies, etc.
- Use the Bulk Enroll Users feature to allow your users to easily self-enroll
- Since there is a cost for telephony-based Duo authentication, i.e., authentication via phone calls and SMS messages, please install the Duo app for your users where possible and have them typically use Duo Push, with Duo Mobile-generated passcodes as a backup authentication option.
- Optionally, hardware tokens such as Yubikeys can provide additional security using OTPs or U2F, depending on the application.
Duo documentation links
Contributed integration examples
Feel free to send us any example Duo integration configurations or other Duo tips and advice that you would like to share with the campus.
- Finding the Duo Authentication Proxy reference doc: this one is a bit hidden on the Duo doc site; see Authentication Proxy - Configuration Reference
For general questions, and for requests for access to the service, write to firstname.lastname@example.org