Configuring Cisco Duo for passwordless authentication

This article provides step-by-step instructions to configure Cisco Duo to use DIGIPASS FX7 authenticators for multi-factor authentication (MFA) to ensure secure and efficient authentication for your users.

Before you begin

• Ensure that you have a Cisco Duo account with administrative access.

• Ensure that you have DIGIPASS FX7 authenticators ready for configuration.

• Ensure that you have the Duo Mobile app installed on your mobile device.

Setting up Cisco Duo

1. Log in to the Duo Admin Panel using your administrator credentials.

2. Configure the policies for DIGIPASS FX7 authenticators:

   1. In the Duo Admin Panel, click Policies.

   2. Select the policy that you want to modify or create a new policy.

      Modifying the built-in Global Policy will affect all users and applications.

   3. Select Authentication Policy > Enforce 2FA.

   4. Enable Authentication Methods > Roaming Authenticator (WebAuthn).

      

   5. Click Save.

3. Assign the policies to applications or groups:

   1. In the Duo Admin Panel, click Applications.

      

   2. Select the application that you want to assign the policy.

   3. Under Policy, you can select group policies and add the users who use the DIGIPASS FX7 policy or all users who use this application.

   4. Click Save.

Configuring the user devices

1. Instruct your users to open the Duo Mobile app on their mobile devices.

2. The users need to navigate to Settings > Add Account and either scan the QR code provided by the Duo Admin Panel or enter the activation code manually.

Testing the configuration

1. Have the user log in to an application protected by Cisco Duo.

   The user will be prompted to register the DIGIPASS FX7 authenticator.

2. Verify that the passcode is accepted and the user can successfully sign in.