Search for blog posts, documentation, or pages

Since starting Duo, the question we’ve gotten most often is: Why another two-factor auth company?

Because nothing else stops attackers in their tracks like strong authentication — if it can be made easy. When the Gartner analyst team asked “If an organization were to spend $100 a year more per employee where should it spend it to get the greatest improvement in security?”, they had no problem arriving at the answer: “strong authentication.” But the spread of two-factor authentication has been hindered by the cost, complexity, and poor user experience of such products over the last 20 years. At Duo, we’re bringing decades of commercial and research experience in enterprise, service provider, mobile, and consumer Internet security to solve the challenges in adopting two-factor authentication. We believe

  • Mobile adoption changes everything. A usable second factor of “something you have” is now available to anyone with a mobile phone – and today’s smartphones are more capable and better networked than laptops were just 5 years ago!
  • Modern attacks require a dynamic defense. Attackers are innovating faster than overworked admins and static products can address; cloud-delivered security services, deployable at scale, backed by specialized teams are the best way to keep up.
  • Usability matters. We aim to frustrate attackers, not users and admins, with solutions that are easy to deploy, manage, and operate.

When your anti-virus, firewall, IPS, host security, and other controls have been bypassed by attackers who have taken over your users’ accounts, strong two-factor authentication is your best defense.

Because sometimes it takes a belt AND suspenders to keep from getting de-pantsed!

Dug Song
CEO & Co-Founder

Dug has a history of leading successful products and companies to solve pressing security problems. Dug spent 7 years as founding Chief Security Architect at Arbor Networks, protecting 80% of the world’s Internet service providers, and growing to $120M+ annual revenue before its acquisition by Danaher. Before Arbor, Dug built the first commercial network anomaly detection system (acquired by NFR / Check Point), and managed security in the world’s largest production Kerberos environment (University of Michigan).


Free Guide

Security for an Age of Zero Trust

Think your organization is ready for the cloud and decentralized security? Download this white paper to learn why you may not be.


phishing (20)  two-factor-authentication (18)  security news (17)  healthcare security (16)  passwords (15)  weekly ink (13)  cloud security (12)  mobile security (11)  federal cybersecurity (10)  malware (10)  infosec-evolution (9)  rsac2015 (8)  banking security (8)  duo mobile (8)  retail data breaches (8)  stolen credentials (7)  financial data breach (7)  stolen-passwords (7)  data breaches (7)  financial institutions (6)  remote access security (6)  remote access attacks (6)  encryption (6)  pci dss (6)  ooba (6)  ios security (6)  2fa (6)  platform edition (5)  uk security (5)  webinar (5)  media security (5)  pos malware (5)  transaction-level 2fa (5)  atms (5)  higher education (5)  rig exploit kit (4)  security research (4)  third-party security (4)  hipaa (4)  data breach notification (4)  retail (4)  bank security (4)  ios (4)  healthcare cybersecurity (4)  2-factor-authentication (4)  vulnerability (4)  blackhat 2015 (4)  google (4)  healthit (4)  medical identity theft (4)  endpoint security (4)  defcon-23 (4)  retail data security (4)  security threats (4)  financial data security (4)  flash security (3)  retail data risks (3)  ssl (3)  critical infrastructure security (3)  social engineering (3)  manufacturing security (3)  law firm security (3)  otp bypass (3)  anthem (3)  out of band authentication (3)  cisco vpn (3)  duo-security-summit (3)  flash vulnerabilities (3)  ios vulnerabilities (3)  payment card breach (3)  target (3)  car security (3)  retail ebook (3)  health it (3)  windows security (3)  e-prescriptions (3)  byod (3)  home depot (3)  healthcare data breach (3)  strong-authentication (3)  stock market (3)  twitter (3)  defcon (3)  defense in depth (3)  outlook-web-app (3)  hipaa security rule (3)  two-factor (3)  iot security (3)  dyre trojan (3)  end-user authentication (3)  aws security (3)  ffiec (3) 

Duo is hiring!

View our open positions

Subscribe to our Newsletter

Get product updates, interesting content, and invitations to online and live events.