Duo Security uses your phone as a second line of defense to keep your accounts from being hacked. Why might you want that kind of protection? For starters, some online accounts are so important you want to make doubly sure that you are the only person accessing them. A strong password is a good line of defense, but attacks from Anonymous and other hackers have made it clear that your passwords aren’t always safe.
Duo Security uses passcodes, sent to your smartphone, feature phone, or even a landline, to add an extra layer of security. When you go to log in into a Duo Security supported account, you enter your credentials plus a Duo Security passcode. For iOS, Android, and BlackBerry devices, Duo Security has a free app called Duo Push. The app sends a login request to your phone with your account details, and by tapping the accept button, you can log in to your account.
If you don’t have a Duo Push-supported smartphone, the Duo Mobile app will generate a random passcode for you to enter online. Feature phone users can get texts with passcodes, and landlines can receive a call to authenticate themselves. If you’d rather avoid the entire phone process, Duo Security provides hardware tokens that generate passcodes.
Duo Security faces competition from RSA SecurID, PhoneFactor, and even Google, which launched its two-factor authentication service for every Googler earlier this month. SecurID and Duo Security’s mobile offerings are nearly identical, though Duo Push is supported by more mobile devices and sends login details to your phone for context.
Duo Security will use the funding, amassed from Google Ventures, True Ventures, and Resonant Venture Partners, to grow its team, develop new technology, and conduct mobile security research.
The company is based in Ann Arbor, Michigan and was founded by Dug Song and Jon Oberheide. Duo Security’s customers include Tumblr and Toyota.