91×ÔÅÄÂÛ̳

Introducing the new Verified PUSH

Lamar will introduce Duo's more secure PUSH-based login process, Verified PUSH.

Currently, when you log into a Lamar application or a service protected with Duo using a browser or specific client applications, you are presented with a Duo prompt. At this time, a PUSH notification (Standard PUSH) is sent to the Duo Mobile app for confirmation of your login as a second factor.

While a Standard PUSH is effective in most circumstances, threat actors are slowly experimenting and developing techniques to nullify the security Standard PUSH offers.

To combat these emergent techniques, Verified PUSH will require a dynamic 6-digit code only visible to you to be entered into the DUO Mobile App. This subtle change makes it harder for threat actors to compromise accounts across campus.

Any Action Required?

Other than using the latest Duo mobile app, no additional action is required on your part.

What is changing?

You'll notice that the Duo verification will show you a 6-digit code in addition to location information in tNhe standard process. Other than this change, all other experiences remain the same.

Push comparison

Standard PUSH Process

Verified PUSH Process

NOTE: The new Verified PUSH will not affect the VPN logins or the use of SMS or security keys. 

Why is this changing?

While a Standard PUSH is effective in most circumstances in blocking unauthorized access, threat actors are slowly experimenting and developing techniques to nullify the security Standard PUSH offers. To combat these emergent techniques described below, Verified PUSH will require a dynamic 6-digit code only visible to you to be entered into the Duo Mobile App. 

• Push Harassment – Multiple successive push notifications to bother you into accepting a standard push for a fraudulent login attempt

• Push Fatigue – Constant Standard pushes mean you pay less attention to the details of the login, such as location and time, causing someone to inadvertently accept a standard push login

Will Verified PUSH affect the 'Remember Me/Trust this browser'?

No, this does not affect the 'Remember Me/Trust this browser' function.

Will I be using Verified PUSH from everywhere, including on campus?

Verified PUSH will only be used where the current standard PUSH is used.

Do I need a new Duo Mobile App?

No. Your current Duo Mobile App should work with Verified PUSH. If you have trouble, update the mobile app from your device's App Store or Play Store.