Duo - Notifications

Duo can notify users about changes to their account, such as when authentication devices are added or removed. These notifications are in the form of email/Duo mobile prompt and ask the user if they made the change. This would alert them if a bad actor compromised their account and silently attempted to make devices changes to reroute 2fa protocols.

Use case: User completes Duo device enrollment process via TrueYou Self Service

Action: User receives welcome verification email from no-reply@duosecurity.com

*Example of email notification

This Image shows what an example email looks like from DUO

 

Use case: Admin creates Bypass Code

Action: No email or app notification sent from Duo

 

Use case: Mobile Device, Tablet, Security Key added via TrueYou Self Service

Action: Email sent from no-reply@duosecurity.com and/or In-App notification

*Example of email notification

This image shows an example email from DUO for if you get a new mobile device added to your account. 

*Example of In-App Notification

This shows an In app notificiaton for getting a new device added to your DUO account

 

Use case: Mobile Device, Tablet, Security Key removed via TrueYou Self Service

Action: Email sent from no-reply@duosecurity.com and/or In-App notification

*Example of email notification

This image shows an example email from DUO for getting a device removed from your account..                       

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

*Example of In-App Notification

This image shows an example in app notification from DUO for getting a device removed from your account

*Note: If a security key is the only device associated with a Duo account, then only an email will be sent.

 

If the user did make the change and receive the email, the user has no further actions necessary. If the user did make the change and receive the in app notification, they should click "yes, it was me" and they'll receive a "thanks for confirming message".

*Example of In-App Notification

This image shows what it would look like to conferm a change to your account in the application

If they did not make the change, they can click or tap “No, it wasn't me” in the message. This sends an email notification to the recipients configured in the Duo "notification email" setting in the "Lockout and Fraud" section. Below is an example of the email sent to Duo Admins. This does not appear as a security event in the trust monitor.

*Example of email notification

This image shows an example email from DUO for getting a device getting removed due to fraudulent activity.