← MFA / Passwordless AuthenticationCisco Duo

StrongStrongStrongStrong

4.6

Vendors › MFA / Passwordless Authentication › Cisco Duo

Cisco Duo

Name: Cisco Duo
Rating: 4.6 (1243 reviews)
Author: Cisco

Cisco

Founded 2010·US·Public

4.6

Combined score

4.5395

Gartner

4.7698

⚠

Security incident on record — April 2024 — third-party telephony provider breach exposed Duo MFA SMS logs for ~46k customers

▪ Editorial verdict

Cisco Duo has earned 97% willingness to recommend and Gartner Customers Choice recognition in both 2025 and 2026 by delivering the most balanced MFA in the market: strong security through Device Trust and Risk-Based Authentication, combined with the widest factor breadth and genuinely low deployment friction. For organisations that want the most validated MFA with the lowest resistance from end users, Duo is the default choice.

The April 2024 telephony provider breach that exposed SMS logs for 46,000 customers is worth noting, though it reflects a third-party provider compromise rather than Duo's own systems. The scope is also MFA and device trust, not a full IAM platform.

The verdict: Cisco Duo is right for organisations of any size wanting the most validated, most user-accepted MFA with the strongest device trust enforcement. Organisations needing full lifecycle management and IGA should pair Duo with Okta or Microsoft Entra.

Last reviewed: May 2026

4.5395 reviews

Gartner

4.7698 reviews

PeerSpot

8.4150 reviews

Gartner MQ: Customers' Choice — User Authentication (2026)

MFA / Passwordless Authentication assessment

PROTECTIONStrong

Phishing-resistant factors

4 / 5

Duo supports FIDO2/WebAuthn, passkeys, and Duo Verified Push (number matching). Scored 4 because phishing-resistant options are available but TOTP (Duo Mobile) remains widely deployed and is not phishing-resistant.

Sources: Cisco Duo documentation, CISA MFA guidance

Factor breadth & fallback

5 / 5

TOTP, push, biometric, hardware key, SMS (legacy), voice call. Widest factor breadth in the category. Scored 5.

Sources: Cisco Duo documentation

OPERATIONSStrong

Adaptive & risk-based policies

5 / 5

Adaptive MFA with device trust, location, network, and role-based risk signals. Scored 5 for the most mature adaptive policy engine in the category.

Sources: Cisco Duo documentation, Gartner Customers Choice User Authentication 2026

Device posture integration

5 / 5

Trusted Endpoints policy verifies device health before authentication — MDM and EDR posture signals included. Scored 5 for best-in-class device posture integration.

Sources: Cisco Duo Trusted Endpoints documentation

ANALYTICSStrong

Authentication telemetry

4 / 5

Authentication logs, device health events, and policy decision logging. Scored 4 because telemetry depth for compliance workflows is good but less comprehensive than Microsoft Entra.

Sources: Cisco Duo documentation

TRUST & ECOSYSTEMStrong

Admin & privileged protections

4 / 5

Duo Access Gateway and strong admin MFA enforcement. Scored 4 because while admin protection is strong, dedicated privileged access MFA enforcement is less developed than Microsoft Entra PIM integration.

Sources: Cisco Duo documentation

Strongest: Factor breadth & fallback

Watch out for: Admin & privileged protections

Strengths & limitations

Strengths

●97% willingness to recommend — Gartner Customers' Choice User Authentication 2025 and 2026

●Simplest MFA deployment — working in under an hour

●Device Trust — unique capability verifying device health before login

Watch out for

●Advanced ZTNA locked behind Premier tier

●April 2024 telephony provider breach exposed MFA SMS logs for ~46k customers

●Pricing scales steeply for large enterprise add-ons

Best for

Broad MFA rollouts where ease of deployment and user experience are top priorities — especially SMBs needing free tier.

Not suitable for: Orgs wanting full IAM lifecycle management

Compliance coverage

●Essential Eight

●AU Privacy Act

●SOC 2

●HIPAA

●NIST CSF

●PCI-DSS

●CMMC

●GDPR

●NIS2

●ISO 27001

●CIS Benchmarks

○DORA

Switching intelligence

Switching from

Common migration paths based on review data

Also considering

Vendors typically shortlisted alongside

Also in our database

Cisco also appears in:

Email Security →Firewall / UTM / Network Security →ZTNA / Zero Trust Network Access →CASB / Cloud App Security →

← Back to MFA / Passwordless Authentication Compare with other MFA / Passwordless Authentication vendors →

Quick facts

Pricing modelper user/month; free tier up to 10 users

Pricing rangeFree (10 users); $3-9/user/month (Essentials to Premier)

Free trialYes

Min seats1

Deployment time< 1 day

Complexity1 / 5

Pricing transparency5 / 5

AU presenceYes

IRAP assessedNo

Open sourceProprietary

Deployment

ModelsSaaS

OS supportWindows, macOS, Linux, iOS, Android

CloudAWS, Azure, GCP

SupportPhone, Email, Chat

Data residencyUS, EU, AU

Company

Cisco

Founded 2010 · 1,500-2,000 (Cisco) employees · Public

HQ: US

$500M+ ARR est.

Certifications

FedRAMP Moderate, SOC 2 Type II, ISO 27001, PCI-DSS

Integrations

Microsoft 365Azure ADActive DirectoryOktaCisco ISEVPN solutionsGoogle WorkspaceRDPSSH+ 1 more