Got a new phone, now I can't log onto my university account
This is the worst app I've ever used. Absolutely unnecessary and difficult. I've put up with it until now, but I can no longer sit silent. I recently got a new phone and in oder to reconnect duo to my university I need to log into my university account. But in order to log into my university account I need to verify it through duo. So obviously through this very dumb circle I can no longer log into my university account on my phone. Duo does offer verification though my old phone, but guess what? I no longer have that phone so it is absolutely impossible for me to verify my account through my old phone. I sincerely hope my university stops using this app as this is the worst experience I've ever had. All I want to do is be able to check my grades on my phone and I'll never be able to do that. And soon my 120 day access will run out on my labtop and I will no longer be able to access my school account which contains my grades, classroom, assignments, and more as I cannot verify my university account through duo. Making it virtually impossible to have access to my school account all because I got a new phone. This is the WORST app and experience I've ever had.
My school forced me to use this
By Rose Mulet's Biggest Fan
No one cares about me enough to try to hack me. The much bigger risk is that I forget my password and lose access to my accounts! This is happened to me many times because of these stupid mandatory changes and is WAY WORSE HARMFUL than the risk of actually being hacked. These “security features” make simple services a PAIN. And they commonly LOCK YOU OUT OF YOUR OWN ACCOUNT. I changed my phone number recently, and this has caused me to get LOCKED OUT of many basic services that require these stupid “two factor authentication” YEARS worth of information GONE because of “Security” What a joke! Also, why should I trust YOU with m my information? Because I DON’T, and I should have the right to NOT give it to you!
Many services now make me change my password and use special characters which means I’m much more likely to forget it, losing all of my information! Stop forcing people to use these. They don’t make you safer, they just make your life more annoying and more likely to lose your information due to you forgetting your needlessly complicated password. Listen to the people.
I wish I could give you and companies like you 0 stars but I can’t
The App that Ruined Online Communication
Look, I admit that I am not an IT security expert, but I have had compromised emails that security technicians were able to secure in moments. On the other hand, Duo has greatly reduced my emailing efficiency for the sake of security I do not need. It seems that they do not actually make a profit by marketing to individuals, but to institutions that choose to invest without surveying their own workers (insert the name of most universities in the US). This app prevents you from doing basic things with your email account if you do not open and use their app. It is literally an app that is made solely to promote itself at the expense of its investors. If you can avoid it, do not download this app. If you have not choice but to download it, let it do its thing to frustrate you, then write a review and communicate with your employer/institution. From my perspective, this is a parasitic application that is blindly invested in by people who don’t fully understand (or need to understand) what it actually is or does. If I could put negative stars on my rating, I would. I hate this app with a passion and I hope that enough people will respond to it as I am now, soon.
Works perfect BUT new users please read my advice:
This works perfectly fine to enable 2 factor authentication for school or business. However I’ve seen some upset user stories so I want to share this piece of advice: Compartmentalize Work, School, Personal authentication apps. Once you have duo downloaded it might be tempting to point your personal accounts to duo for convenience but remember your duo enterprise or uni account isn’t reliable for personal use as you are not the account owner. Microsoft, LastPass, Google just to name a few all have 2 factor apps. Download one of them and keep your personal life separate from business. To those that have “new phone” horror stories, I’d personally recommend an authenticator with cloud backup support. Such as Microsoft Authenticator. (Not affiliated with MSFT but their app works well for me.)
Employees need some control
*** Please read MORAL implications
I am not writing to critique the app itself as I just downloaded the app. A small background, I work for a company who now require this specific app to be downloaded on our personal phones, or we will have "resigned" from the company.
My immediate problem with the app is it gives all control to the company, including the control to direct the app to change my phone, and no ability to turn off the app while not at work.
I feel if the app is being forced on employees by employers to save them money, it should be a "moral" obligation on the part of the developer to give the employee (owner of the phone) some control over the app and how it may function on the phone. But instead, that area is turn off to the employee and total control is granted to the employer.
In my case there is no on/off toggle where the app could be shut down while not needed to perform work functions, and thus reducing the employer's ability to mis-use the app on your phone on your personal time.
Please consider the MORAL obligation to allow the person who is being forced to use your app to have some control how it will be used on their own personal phones. Not everyone works for company that are completely trustworthy. Just because the company made the agreement with you, should not automatically eliminate all rights employee may have over their own personal property, nor give 100% control to the employer over a non-company own phone.
Handles an annoying task with aplomb
I hate the time required to perform two-factor authentication, and so was dreading when my institution began to require it. I was pleasantly surprised that the Duo app handles this task rapidly, much more so than any other app-based or text-based method I’ve used. Usually within about 2 seconds, I can approve a request with a single tap of my Apple Watch (the notification includes an “approve” button) or via two taps of my phone. I wouldn’t hesitate to switch to this system for any other account I use.
EDIT: looking in another review, it appears that I could also be quickly approving with a single swipe or 3D-touch and tap from my phone. Perhaps a brief blurb instructing this within the app would be helpful because I would have been doing so all along!
After reading the negative reviews, I’ve come to the conclusion that people seriously need to take a moment to understand HOW 2FA works, WHERE and WHAT the roles/responsibilities lie and are for each vendor (eg Coinbase vs Duo), and WHY 2FA is important. Is the app perfect? No. Does it work well for what it was designed to do? Yes. Can it be improved? Yes.
Here is my wishlist to improve the usability of the app, hopefully the devs are reading! (1) I have well over 50 tokens (many from the same service), please introduce folders or a way to organize/group tokens. (2) Allow for custom icons instead of restricting it to just the ones you’ve decided to include; this would also help me find tokens more quickly. (3) Allow for token access from a widget on the lock screen (either display passcode or tap to immediately open the token in the app).
As far as working as a 2fac this app is fine, it does that. The issue with it is that it’s a really simple app but has an annoying interface. If the buttons for the push notification could be moved to a more thumb friendly location that would be great. It’s just a screen with 2 buttons, there’s no reason to make me adjust my grip on the phone so I can reach the accept button. I should be able to pick the phone up and hit the button in one motion. Not pick the phone up fumble with the position in my hand then hit the button. It’s annoying and unnecessary. The whole screen is there to use for this purpose and is empty. The buttons are large but the phone screen is also large and it puts the buttons out of comfortable reach for one hand use. Stack them in the middle or something. Maybe a flick gesture, or both, I dunno.
A great option for 2FA
Seeing all the low ratings based on a business’ or university’s decision to apply additional security to their networks, I had to add my two cents. It is 2FA, not Duo, about which most are railing. If you don’t like 2FA, rid the world of hackers and thieves that will use every available means to get into any network they can. Until you accomplish that, accept the fact that for those trying to secure a network, 2FA is a necessary precaution, much like a deadbolt on a door. And Duo is a good method for applying 2FA. We primarily use Duo Push for accessing our systems and it works very well.
Unrelated note: Duo works much better than this rating system, which will tell you after the fact that a nickname has been used but won’t suggest one that hasn’t been...
I love the interface and how there is a variation of event based logins and OTP requests depending on what security factors are necessary for what apps and services.
My wishlist of features mostly consists of needing a complication on my Apple Watch to easily access to the application, rather than needing to search or find in my App Library on the watch, as well as widget access on the iPhone and iPad for further quick access to each OTP passcode I need to type in, as they don't always send push notifications when there is a login attempt made. Other than that, I think the app has come a long way and is user friendly with security as its top priority which is what I would want for any service like this