Due to duo using the hotp rather than the totp algorithm, this app is easily vulnerable to phishing, which is subverting the whole point of two factor. Lack of support to use a real otp app with the duo service as well.
When i add an account it only shows my email address, I cannot tell which site the code is for. Please allow me to label my accounts so I know which website goes with each code.
Duo is a great app for two-factor authentication. It's implementation of push notifications works amazing. The 1 star reviews here are disgruntled people who were forced to turn on two factor for their accounts for University or company.
Without notice installs a background service for monitoring the clipboard. Also appears to use background data periodically when changing access points. For a security application this is very sketchy. Google authenticator does OTP without doing either, but Duo apparently obfuscates the secret (security through obscurity) so one can't use an app of your choice if a company decides to use it. Fortunately they have an option to have them call you rather than use the app.
This is the most inconvenient thing my university forced me to download. Hate it.
Fascism is not the obligation to stay silent. It is the obligation to download an app and keep it running on your phone all the time just to login to your university account.
- Miscellaneous bug fixes and improvements.
- Added Trusted Endpoint validation
Use Truecaller to identify unknown calls, and block spam calls and spam SMS.