However, I'm not sure if GT's Duo service is self-hosted or is hooked into Duo's service "in the cloud".
To be honest, their useR experience is pretty slick compared to most two factor solutions. I am happy for them, (and their users) that they have been successful, selling into large organizations – good user experience usually isn’t found in large enterprise software due in part to the principal agent problem.
Just want to add another data point: Dartmouth was a relatively early adopter, and while a bit annoying, it chugged along just fine.
And, yes, Duo is normally a great solution for us.
We do have an app that lets faculty exempt students from 2FA, but it's mostly for students who need the exception when taking tests etc.
You are going to see a big change in the tech at UC very soon. The old guard is getting the boot.
Millions of students coming online, textbooks are digital now, SSO all the things. Perfect storm.
I spent 20 minutes trying to figure out what new cookie I needed to grey-list for the half dozen redirections in the M365 auth flow to not bork before I thought to check if it was generally broken.
Great success.
I was among the last to have to use dial-up from off-campus (which required a specialty ISP @ 26.6k or some awful speed). Fortunately, they upgraded their system while I was there, so I could use the “much” faster DSL. Still not as nice as on-campus internet.
This is also a huge vulnerability that has been exploited.
https://www.theregister.com/2022/11/03/mfa_fatigue_enterpris...
Okta offers a similar feature. So much easier to click a confirmation on my phone than to scroll through dozens of 2FA codes (some of which might be orphaned).
Not a super productive morning
There are two products called Google Meet now. The web interface for the former Google Duo is duo.google.com, just rebranded to Google Meet. The former Google Meet still exists on meet.google.com. Both also have their own Android apps - one called Meet and other Meet (original). Both products have a different set of features and neither completely replaces the other.
And before that, I thought Duolingo was a crowdsourced translation app, that doubled as a language learning app.
Duo is a multi-factor authentication/single sign-on platform owned by Cisco
Like the popular password vault says in the name… 1Password for everything. If everything can stand alone in 1Password, it ain’t MFA.
But I have no idea what the difference is between DUO1, DUO2, etc. through DUO73. I feel like they should have a better way to clarify which users are affected.
In this case, it is an external service. However, I also suspect that the Duo outage is probably shielding other on-campus services from load surges that would probably be causing them to get crashy.
I guess I don't know how we could ever prevent such incidents. Given that the first day of classes is a well-kept secret /s.
> Increased load on DUO1 due to significantly increased adoption and simultaneous peak usage across multiple larger customers led to authentication failures.
