Duo is a two-factor authentication (2FA) solution that generates one-time passcodes and receives push notifications. Companies use Duo to add an additional layer of security to their users’ accounts, and is particularly popular with higher education institutions. Unfortunately, if you need to reset Duo (for example because you changed phones), the process is usually long, frustrating, and, ultimately, insecure.
If you lose or upgrade your phone, or otherwise lose access to your Duo app, you’ll need to reset it. To do this, you’ll most likely need to contact your company’s IT helpdesk.
Duo does offer a self-service portal that administrators can enable, which allows users to change their own authentication devices. However, for security reasons Duo recommends that administrators only enable the following authentication methods:
Some organizations, like Wayne State University, have users log in to their company (or school) account with a username and password, then enter a one-time passcode sent to the user via text message or phone call.
Unfortunately, this creates vulnerabilities and IT tickets: SMS passcodes are vulnerable to phishing, interception, and SIM swap attacks. And sometimes, text messages just never arrive, forcing users to contact IT for help (where they’ll need to be verified via their Duo app, which they can’t access, or via other factors, which are insecure).
The better way to reset a Duo password or Duo MFA app is to use Nametag.
Nametag perfectly compliments Duo by enabling users to securely reset their Duo apps entirely on their own. Here’s how to reset Duo with Nametag:
Nametag integrates with Duo to close a critical security and experience gap: the Duo recovery process. Organizations using Nametag with Duo save up to 30% of their helpdesk costs by deflecting MFA resets to self-service, while protecting employee accounts from takeovers.
Watch a demo of self-service account recovery with Nametag Autopilot, then get in touch to start automating your Duo MFA resets.