Configuring Trusted Devices
Duo Security's trusted devices feature is similar to the "remember my computer" or "keep me logged in" features that users are accustomed to seeing when logging in to many websites. With the trusted devices feature enabled, the user is offered a “Remember me for ...” checkbox during login. When users check this box, they aren't challenged for secondary authentication when they log in to that application from that device (and browser) for the specified period of time.
Trusted devices are enabled on a per-application basis, and are currently supported only for web-based applications. Application owners choose whether to allow users to specify a trusted device, or whether the service is critical such that all logins should be two-step, meaning trusted devices are not allowed.
Configuring a trusted device:
- Login to a web application with your HawkID and Password
- At the Two-Step prompt to "Choose an authentication method", at the bottom check the box labeled "Remember me for 30 days" which indicates you're logging in using a device you trust (see below), and then complete the two-step login normally. Subsequent logins for that trusted device will not prompt you for the Two-Step authentication method, until the defined trust period expires.
- If you do not see the "Remember me " option, it has not been made available for the web application you're logging in to.
- Once the trust period expires, you will be prompted for the Two-step login authentication method again, and have the option to check the "Remember me for 30 days" feature.
For this Duo Security function, a trusted device is a combination of a physical computer + a browser. The browser used to set the trusted device flag at login time is the browser on the computer that will be considered trusted.