Environment
Question
Does the Duo two-factor authentication service fail open or fail close?
Answer
The Duo service fails closed. If Dou communication is not available, the EDR servers require local access.
Additional Notes
- If the Duo service is not available, local access to the EDR server allows the service to be temporarily disabled by commenting the cb.conf variable TwoFactorAuthCallbackModulePath and restarting services.
Related Content