By Assia Khadri, NET+ Intern, and Nick Lewis, Internet2 Program Manager
Estimated reading time: 3 minutes
The NET+ Duo Service Advisory Board hosted a NET+ Duo Security subscribers call on August 5 regarding the status of Duo’s next-generation authentication experience — the Universal Prompt.
Nikhil Khare, Ryan Laus, and Ganesh Vellala Umapathy from the Duo Security product team presented the latest information on the Universal Prompt, following a 2020 community call where they shared preliminary plans and gathered community feedback. Many thanks to our presenters for giving us an inside look into this important update for NET+ Duo campuses!
We are planning to host another call in January 2022 to help NET+ Duo campuses prepare to deploy the update to their communities during summer 2022. The call will include fresh insight from a campus regarding its experiences with the Universal Prompt deployment process. If you are interested in attending or would like a copy of the recording from the August 5 call, please contact us at netplus@internet2.edu.
More About the Duo Universal Prompt
It’s no secret that balancing security and productivity is a challenge. According to a survey cited by the Duo team during the August 5 call, over 90 percent of users agree that adding security layers increases user friction, which can negatively impact productivity. That’s where Duo multi-factor authentication (MFA) comes in.
Duo designed its MFA to be easy to use and increase security without adding user friction.
Ganesh shared that in user testing for the new Universal Prompt, the majority of users showed high satisfaction for the interface and how the app reflects industry best practices. Duo spent considerable time improving the UX design for the “Accept” and “Deny” buttons, including significant attention to accessibility. The “Remember Me” option is also more intuitively placed so that users don’t miss it. In response to feedback from the higher education community specifically, the logo, color bar, and background will be fully customizable.
Another example of how this update improves security is that it gently nudges users to choose more secure options for authentication like tokens or the mobile app. It also includes messaging on why MFA is important.
Duo has not yet announced an end-of-life date for the traditional iFrame prompt, but it understands that this is a major update. Campuses will have a year or more to deploy the update and will be able to monitor and control which application integrations support the Universal Prompt through the Duo Admin Panel.
Resources for NET+ Duo Security Campuses
Campuses using Shibboleth may need to update their Shibboleth software to 4.1.x and switch over to the OIDC configuration as part of the Duo Universal Prompt update. Additional details are provided in the following resources:
Documentation is also available regarding Duo for Central Authentication Server (CAS).
The Duo Admin Panel offers more documentation about the Universal Prompt update, how to communicate changes to your users, and artifacts and resources to help customers migrate or update. The following links provide direct access to specific resources:
If you have any questions or are interested in learning more about the NET+ Duo Security program, please contact us at netplus@internet2.edu.