Big Cracks in Duo Security
Duo Security. But where is the SECURITY? Cisco Duo’s authentication service uses OUTDATED TECHNOLOGY, employing event-based one-time passwords, which is vulnerable to man-in-the-middle attacks and social engineering, since their passwords can be collected and used at any time.
You could have less secure MFA from Cisco Duo Security and get hacked
You will be prompted to type in the event-based password. It might say there was an authentication error and then ask for the next event-based one-time password and maybe even ask for it one more time to confirm. Now the hacker has three valid one-time passwords that can be used to log in three times, at any time. They can collect them and calmly use them at any future time.
You could have more secure MFA from WatchGuard and keep hackers out
You will be promoted to type in the time-based one-time password. In order to hack your account, the hacker will have to start the connection and hack at that exact moment with no time to lose. They get one shot at that precise moment and cannot use your time-based one-time password to validate at a future time.
Cisco Duo is a networking company, not a security company!
Industry Standard = Time-Based One-Time Password Tokens
Every time you log in, the AuthPoint app will recreate Mobile Device DNA and include it in a time-based one-time password calculation, which is an industry best practice. If any of the unique mobile device characteristics were changed (e.g. by configurating an attempt to run it on a different device), then an invalid one-time password will be generated, and access will be denied. This login approval and denial information is displayed on your AuthPoint dashboard and can be accessed at any time. Duo uses event-based one-time passwords which are less accurate than time-based one-time passwords because they are vulnerable to man-in-the-middle attacks.
Find out how WatchGuard does it:
This form requires the Marketo script to function properly.
Smart Security, Simply Done. It’s the WatchGuard Difference.
Effective MFA Protection with Unique Mobile DNA
AuthPoint uses a push message, QR code, or one-time password as an additional factor proving your identity; and our mobile device DNA matches the authorized user’s phone when granting access to systems and applications. Therefore, any attacker who clones a user’s device in an attempt to access a protected system would be blocked - since the device DNA would differ.AuthPoint was rather simple to install on our network, thanks to the help of technical support. Combined with the simplicity for our employees, it was easy to use from the very start.
~Kostantinos Theodorou, Systems Administrator, MedNet
No Hidden Costs
With no expenses for additional infrastructure, hardware tokens, and software support and maintenance, for roughly what you’ll pay for your morning cup of cappuccino.The price is very affordable - lower than others in the same market, especially if you buy a 3-year term.
~Don Gulling, President, Verteks Consulting
WatchGuard’s ecosystem includes dozens of 3rd party integrations with AuthPoint – allowing companies to require users to authenticate before accessing sensitive Cloud applications, VPNs and networks. AuthPoint supports the SAML standard, permitting users to log in once to access a full range of applications and services.
Easiest to Set Up and Manage
Companies with limited IT staff and security expertise benefit from MFA protection that’s easy to deploy and manage on the WatchGuard Cloud platform. You can access it from anywhere, and there is no need to install software, schedule upgrades or manage patches.Simply the best, easy to implement and use
Thank you for taking the first step in protecting your organization from a breach. We will be in touch soon, but in the meantime, these resources can help you understand how hackers steal passwords, the risks of relying on passwords alone, and how AuthPoint can help.