You may be wondering lately if there is an issue with the DUO authentication system. It may seem like you are having to authenticate with DUO more often than you have in the past. There's actually a reason for this.

Duo's Risk-Based Authentication is now being used to provide additional security across all of NC State's systems that require DUO authentication. Risk-Based Authentication is not new to DUO but with an increase in frequency and sophistication of attacks to NC State University systems, Risk-Based Remembered Devices was recently added to provide additional security to Duo's Remembered Devices feature.

This is done by adapting the duration of remembered device sessions in response to risk. Duo's Risk-Based authentication looks at each authentication request and then looks for a pattern that matches a possible attack. If it detects a pattern that looks even a little different from normal user behavior, you will need to authenticate with DUO.

Read more about how risk is accessed at NC State University's Knowledge Base article KB0028392