Team: Huntress EDR
Product: Duo Mobile
Environment: Huntress.IO management portal
Summary: Using and enabling Duo Mobile is the preferred method for Two-Factor (2FA) / Multi-factor (MFA) Authentication within the Huntress.IO portal.
Duo provides robust two-factor authentication for your VPN, email, web portal, cloud services, etc., all from a centrally-managed administration portal. Huntress supports Duo as a second factor using Push, SMS, voice calls, or passcodes.
Enabling Two-Factor For Your Account
Before you can enable any of the specific two-factor methods you'll need to generate backup codes ( and save them somewhere safe!) that can be used to recover access to your account should you ever lose your other second factors. You can learn more about this here.
Setup a Duo Integration (Account)
Before you can enable Duo authentication, you'll need to set up a Duo integration in your Huntress account. Login to your Duo portal with an administrative user and perform the following tasks:
- Click on the "Applications" - "Protect an Application" menu in the left-hand menu pane.
- Search for Huntress in the list of applications and click "Protect."
- Retrieve the Integration key, Secret key (must click in the box to reveal the key), and your API hostname. Record this information for the next steps.
- IMPORTANT! : Your Huntress username is typically your full e-mail address (e.g. email@example.com) but often your Duo username may only be the username portion of your e-mail address (e.g. "user"). If this is the case you must enable the "Username normalization" feature within the Duo portal by selecting "Simple."
Protect an Application > Select the Huntress > Scroll down to Settings > User Normalization NOTE: If your username in Huntress is different from Duo username entirely (e.g. firstname.lastname@example.org vs. email@example.com) you need to utilize the Username aliases feature in Duo.
- Create a Duo integration in Huntress.
- Enter the details for the integration and click Save.
Enable Duo Two-Factor (User)
Before you can setup Duo you'll need to Enable Two-Factor Authentication and generate backup codes. Once two-factor authentication is enabled and a Duo integration is setup, a Duo setup link will appear.
- Open your user preferences page.
- Click Setup to begin the setup process.
- Click Enable to complete the Duo setup.
- VERY IMPORTANT! : When a user enables 2FA, backup codes are generated and they must click the "I've saved these backup codes." Another admin is able to send a recovery link to someone who has lost their backup codes, but if you lose the backup codes to the only admin on your account you will need to open a support ticket, and verify your identity, to regain access. This can delay you in accessing your account. We highly recommend you save these codes in a very safe place, such as your password manager (you're using a secure password manager, right?)
If you decide you no longer want to use Duo as a second factor you can delete it from your user preferences page and you will no longer be prompted. You will however, be prompted for other two-factor methods if others are enabled.
Duo has a feature called "username alias" where you are able to put your old email addresses. It passes them to huntress instead of having to change every email individually in Huntress.