Due to a rise in cybercriminals targeting university systems—especially payroll and direct deposit information—the University of Iowa is implementing a more secure login method called Verified Duo Push.

Verified Duo Push strengthens Duo's multi-factor authentication (MFA) by adding an extra verification step.

During the push login process, users must enter into the Duo Mobile app a three-digit code shown on the device they are logging in on. This step ensures that only authorized users can complete the login, helping prevent unauthorized access, even if a criminal has your password.

Below, you'll find answers to common questions about Verified Duo Push and what to expect when the change goes into effect.

How do I log in using Verified Duo Push?

  1. When logging in to a UI service requiring Two-Step Login using a web browser, a Duo Verified Push prompt like the sample below will display on your computer or other device, showing a unique three-digit code.

    A screenshot of a web application showing a 3-digit code "803"
  2. Enter that code into the Duo Mobile app on your smartphone or tablet, as shown below, then choose the blue Verify button.

    Screen shot of website login page where "803" is entered into the keypad

NOTE: If the Duo Mobile app on your smartphone or tablet ever displays the above screen when you're not logging in, choose the red I'm not logging in button. That will alert IT staff to potential malicious activity.

How is Verified Duo Push more secure than Duo Push?

Requiring a three-digit code helps prevent “push fatigue” or “push harassment,” which are cyberattacks where hackers attempt to compromise resources by repeatedly sending verification pushes when you have not initiated the verification.

Hackers hope the repeated pushes will confuse or frustrate you into approving illegitimate access. Adding the three-digit code helps to ensure that the push is a legitimate verification request you made.

If there are multiple declined or incorrect login attempts, IT security will be notified of the security risk. Only approve pushes for requests that you have initiated, and do not provide the three-digit code to anyone.

Does Verified Duo Push work with smartwatches?

No. Unfortunately, Verified Duo Push is not compatible with smartwatches at this time. This may change over time as vendors update hardware and/or software for smartwatches.

When will this change take place?

Verified Duo Push will be introduced on April 17, 2025. However, not everyone will notice or see the change immediately as two-factor authentication is typically “saved” for 30 days for web-based apps.

Where will I see Duo Verified Push, and does it change how I use Duo Push in other applications?

Duo Verified Push only appears in browser-based login prompts. If you're using Duo with an integration that doesn’t involve a browser, you will continue to see the standard Duo Push experience. This is expected behavior, and no changes are required for non-browser-based logins.

Are there minimum requirements for using Duo Verified Push?

Yes. To use Duo Verified Push, your Duo Mobile app and device must meet the following minimum requirements:

  • Android: Duo Mobile version 4.16.0 or later on Android 8 or higher
  • iOS: Duo Mobile version 4.17.0 or later on iOS 13 or higher

If you're using an older version of the app, you may be prompted to update before you can use Verified Push.

What is the difference between Verified Duo Push codes and the Passcodes in the Duo Mobile app?

To receive a Verified Duo Push code, you must first initiate a login. A 3-digit code will appear in the browser on the device you are signing in on. Enter this code into the Duo Mobile app and click "Verify" to complete the login process.

Screen shot of website login page where "803" is entered into the keypad

On the other hand, Passcodes in the Duo Mobile app, also known as bypass codes, are 6 digits long and are not prompted by a login. To use these codes, first click the "show" button in the Duo Mobile app. Then, when logging in on a browser, select "bypass codes" from the "other options" menu.

The image displays a 6 digit code in the Duo mobile application

Article number: 9116