Audience
Public
Problem
Central Piedmont ITS Cybersecurity has identified that push-based authentication can be vulnerable to:
- Push Harassment – Multiple successive push notifications to bother a user into accepting a push for a fraudulent login attempt
- Push Fatigue – Constant MFA means users pay less attention to the details of their login, causing a user to mindlessly accept a push login
Due to the risks of accidental acceptance of a fraudulent login, Central Piedmont ITS has decided to move to a more secure version of Duo’s Multi-factor authentication.
Introduction
Duo Security's Verified Push is a feature designed to enhance the security and convenience of multi-factor authentication (MFA). Verified Push streamlines the process by verifying the authentication request through a push notification with a verification code, minimizing the risk of accidental or unauthorized approvals. This article provides a step-by-step guide on how to use Duo's Verified Push for MFA.
What is Verified Push?
Verified Push is an advanced feature within Duo's multi-factor authentication system that adds an additional layer of security by requiring users to use a generated code to approve or deny an authentication request. This feature helps ensure that only authorized users can approve authentication requests and reduces the risk of unauthorized access due to accidental or fraudulent approvals.
How to Use Verified Push for Authentication
- Initiate a Login Attempt
- When you log in to a system that requires Duo multi-factor authentication, enter your username and password as usual.
- Receive a Push Notification
- After entering your credentials, you will receive a push notification from the Duo Mobile app on your smartphone with a verification code displayed. This notification will indicate that an authentication request is waiting for your response.
- Review and Verify
- Open the Push Notification:
- Tap on the push notification to open the Duo Mobile app.
- Verify the Details:
- Check the details of the authentication request. Ensure that the request is legitimate and that you recognize the application or service requesting access.
- Approve or Deny:
- If the request is valid, enter the verification code seen on your devices screen and click “Verify” to complete the authentication process. If the request is not recognized or appears suspicious, tap "I’m not logging in" to reject it.
- Complete the Login
- After you approve the request, your login will be completed, and you will gain access to the system or application. If you denied the request, you will need to retry the login process or contact the Service Desk via a Service request ticket for assistance.
- Service Desk tickets can be created at https://servicedesk.cpcc.edu
Outcome
You have now successfully logged in with your Central Piedmont account and Duo's Verified Push.
Knowledge Test
To test your knowledge of how to use the new Duo verified push, please visit this demo site.