Employees need some control
*** Please read MORAL implications
I am not writing to critique the app itself as I just downloaded the app. A small background, I work for a company who now require this specific app to be downloaded on our personal phones, or we will have "resigned" from the company.
My immediate problem with the app is it gives all control to the company, including the control to direct the app to change my phone, and no ability to turn off the app while not at work.
I feel if the app is being forced on employees by employers to save them money, it should be a "moral" obligation on the part of the developer to give the employee (owner of the phone) some control over the app and how it may function on the phone. But instead, that area is turn off to the employee and total control is granted to the employer.
In my case there is no on/off toggle where the app could be shut down while not needed to perform work functions, and thus reducing the employer's ability to mis-use the app on your phone on your personal time.
Please consider the MORAL obligation to allow the person who is being forced to use your app to have some control how it will be used on their own personal phones. Not everyone works for company that are completely trustworthy. Just because the company made the agreement with you, should not automatically eliminate all rights employee may have over their own personal property, nor give 100% control to the employer over a non-company own phone.
Handles an annoying task with aplomb
I hate the time required to perform two-factor authentication, and so was dreading when my institution began to require it. I was pleasantly surprised that the Duo app handles this task rapidly, much more so than any other app-based or text-based method I’ve used. Usually within about 2 seconds, I can approve a request with a single tap of my Apple Watch (the notification includes an “approve” button) or via two taps of my phone. I wouldn’t hesitate to switch to this system for any other account I use.
EDIT: looking in another review, it appears that I could also be quickly approving with a single swipe or 3D-touch and tap from my phone. Perhaps a brief blurb instructing this within the app would be helpful because I would have been doing so all along!
After reading the negative reviews, I’ve come to the conclusion that people seriously need to take a moment to understand HOW 2FA works, WHERE and WHAT the roles/responsibilities lie and are for each vendor (eg Coinbase vs Duo), and WHY 2FA is important. Is the app perfect? No. Does it work well for what it was designed to do? Yes. Can it be improved? Yes.
Here is my wishlist to improve the usability of the app, hopefully the devs are reading! (1) I have well over 50 tokens (many from the same service), please introduce folders or a way to organize/group tokens. (2) Allow for custom icons instead of restricting it to just the ones you’ve decided to include; this would also help me find tokens more quickly. (3) Allow for token access from a widget on the lock screen (either display passcode or tap to immediately open the token in the app).
As far as working as a 2fac this app is fine, it does that. The issue with it is that it’s a really simple app but has an annoying interface. If the buttons for the push notification could be moved to a more thumb friendly location that would be great. It’s just a screen with 2 buttons, there’s no reason to make me adjust my grip on the phone so I can reach the accept button. I should be able to pick the phone up and hit the button in one motion. Not pick the phone up fumble with the position in my hand then hit the button. It’s annoying and unnecessary. The whole screen is there to use for this purpose and is empty. The buttons are large but the phone screen is also large and it puts the buttons out of comfortable reach for one hand use. Stack them in the middle or something. Maybe a flick gesture, or both, I dunno.
A great option for 2FA
Seeing all the low ratings based on a business’ or university’s decision to apply additional security to their networks, I had to add my two cents. It is 2FA, not Duo, about which most are railing. If you don’t like 2FA, rid the world of hackers and thieves that will use every available means to get into any network they can. Until you accomplish that, accept the fact that for those trying to secure a network, 2FA is a necessary precaution, much like a deadbolt on a door. And Duo is a good method for applying 2FA. We primarily use Duo Push for accessing our systems and it works very well.
Unrelated note: Duo works much better than this rating system, which will tell you after the fact that a nickname has been used but won’t suggest one that hasn’t been...
I love the interface and how there is a variation of event based logins and OTP requests depending on what security factors are necessary for what apps and services.
My wishlist of features mostly consists of needing a complication on my Apple Watch to easily access to the application, rather than needing to search or find in my App Library on the watch, as well as widget access on the iPhone and iPad for further quick access to each OTP passcode I need to type in, as they don't always send push notifications when there is a login attempt made. Other than that, I think the app has come a long way and is user friendly with security as its top priority which is what I would want for any service like this
Love it - but Apple Watch app seems to have a bug
Edit - issue seems to have been fixed. Also, leaving the Duo app running in the background on the phone, which I hadn’t been doing before, helps.
I implemented the free tier of Duo to safeguard my personal VPN against unauthorized access. It works great and having an Apple Watch app is neat too. But recently, I noticed that my watch app wouldn’t generate passcodes anymore. Push notifications to the Watch still work. Restarting the watch seems to work once and then it won’t give codes anymore.
I couldn’t find a way to send feedback in the app itself, so I decided to leave a review. Hope this minor bug can be ironed out so I can get back to enjoying that extra convenience!
2FA seems to be the new standard as far as consumer security is concerned. At first I was a bit frustrated with the inconvenience of having to use my password and phone to log on to my university account, but the added security is definitely worth it. There so many malicious actors when it comes to attacking university data and this switch to Duo Mobile is for the better. Couple of tips: remember to keep one time passcodes on hand, and allow third party accounts to reconnect automatically (for when you reset your phone or get a new iPhone). Definitely recommend this app not just for school accounts, but any other account you want to add extra security to.
Stop deleting my reviews, cowards
Truly cannot imagine a worse method of 2FA. Why can’t I use Face ID? Touch ID? Or just a push to my laptop? But no, that would make too much sense. Definitely better to require the use of another device, because logging in to canvas needs to be more complicated than logging in to my BANK. This app is terrible in every sense of the word. If you are an administrator or employer requiring others to use this, you should be fired. On the spot. Using this app is overly complicated and frustrating, not to mention a poor decision—if your phone is dead, you can’t log in. If Duo had a desktop app I wouldn’t have complaints, but the use of a whole other device to log in to check my grades??? Overly and unnecessarily complicated. If you are considering the use of this app as 2FA, I am BEGGING you to consider any other option. This app is terrible and deserves to be taken off the App Store.
Nice and easy
Pretty straightforward and works to a T. Anyone who wrote a 1 star review are just people who create problems for themselves.
Get this, one guy says it was duos problem because his child and him weren’t able to effectively communicate when to use the 2 factor authentication. Another guy, said it was such an inconvenience that the accept and decline buttons were placed at the bottom of the screen. Like it’s 2 factor authentication, why does it matter that the button position isn't in the optimal space? It literally takes 2 seconds to do this but apparently it’s such a hassle.
Nice and easy process