Two-factor authentication (2FA) enhances security by requiring two separate methods of verification to confirm your identity. These typically include:
1. Something you know (e.g., a username and password).
2. Something you have (e.g., a smartphone app to approve requests).
2FA safeguards against phishing, social engineering, and brute-force attacks, and protects accounts from unauthorized access, even if credentials are compromised.
Duo, a third-party solution by Cisco, integrates with Microsoft Windows systems to enable 2FA for Remote Desktop and local logins. Note: We are not affiliated with Duo; this guide is for informational purposes.
How to Set Up Duo for Your VPS
1. Sign Up for Duo
• Visit Duo’s website and create an account.
• Set up 2FA for your mobile device (recommended).
• Free for up to 10 accounts (no payment method required for free use).
2. Add Microsoft RDP to Duo
• Log in to Duo’s dashboard and click Protect an Application.
• Search for RDP and select Microsoft RDP.
• Click Protect this Application to obtain your integration key, secret key, and API hostname.
Treat the secret key like a password and keep it confidential.
3. Install Duo on Your VPS
• Download Duo Authentication for Windows Logon:
• Run the installer with administrative privileges.
• During installation:
  • Enter your API hostname, integration key, and secret key.
  • Ensure your VPS can communicate with Duo’s service over HTTPS (port 443).
• Complete the installation and enable the following options for optimal performance:
  • Only prompt for Duo authentication when logging in via RDP.
4. Add Your VPS User to Duo
• In Duo’s admin panel, go to Users and click Add User.
• Add the username for your VPS (must match exactly).
5. Enroll Devices
• Send an enrollment email to your user from Duo’s interface.
• Follow the email instructions to register devices.
6. Test Your Setup
• Attempt to log in to your VPS as a Duo-enrolled user.
• Confirm Duo authentication options appear:
  • Duo Push: Approve via a smartphone app.
  • Call Me: Authenticate via phone call.
  • Passcode: Use a passcode generated by the app, SMS, or token.
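A pre-flight check for steps 3 and 4, as an added example that is not part of the original guide or Duo's own tooling: it confirms the VPS can reach the Duo API host over HTTPS on port 443 and lists the enabled local account names to compare against Duo's Users page. The hostname is a placeholder for the API hostname from your dashboard and Test-DuoReachability is a hypothetical helper name; /auth/v2/ping is Duo's unauthenticated Auth API liveness endpoint.

```powershell
# Added example: run in an elevated PowerShell session on the VPS
# before installing Duo Authentication for Windows Logon.
param(
    # Placeholder: replace with the API hostname shown in your Duo dashboard.
    [string]$ApiHost = 'api-XXXXXXXX.duosecurity.com'
)

# Older Windows PowerShell builds may not negotiate TLS 1.2 by default.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

function Test-DuoReachability {   # hypothetical helper name
    param([string]$HostName)

    $result = [ordered]@{
        Host        = $HostName
        Tcp443      = $false   # outbound TCP to port 443 allowed
        HttpsPingOk = $false   # TLS handshake and Duo ping both succeeded
        SkewSeconds = $null    # local clock vs. Duo server time (informational)
    }

    # 1. Raw TCP reachability: fails when a firewall or egress rule blocks 443.
    $tcp = Test-NetConnection -ComputerName $HostName -Port 443 -WarningAction SilentlyContinue
    $result.Tcp443 = [bool]$tcp.TcpTestSucceeded
    if (-not $result.Tcp443) { return [pscustomobject]$result }

    # 2. Full HTTPS request: a TLS-intercepting proxy or broken certificate
    #    chain makes this throw even though the TCP test passed.
    try {
        $resp = Invoke-RestMethod -Uri "https://$HostName/auth/v2/ping" -Method Get -TimeoutSec 10
        $result.HttpsPingOk = ($resp.stat -eq 'OK')
        # The ping response carries Duo's server time as Unix seconds.
        $now = [DateTimeOffset]::UtcNow.ToUnixTimeSeconds()
        $result.SkewSeconds = [math]::Abs($now - [int64]$resp.response.time)
    } catch {
        Write-Warning "HTTPS check failed: $($_.Exception.Message)"
    }
    [pscustomobject]$result
}

Test-DuoReachability -HostName $ApiHost | Format-List

# 3. Enabled local accounts: each name that will log in over RDP must match
#    the username added in Duo exactly.
Get-LocalUser | Where-Object Enabled | Select-Object Name, LastLogon
```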
Recommendations:
• Ensure devices and users are enrolled before logging out.
• Keep a backup method (e.g., passcodes) to prevent lockouts.
By enabling Duo, you add a robust layer of security to your VPS, protecting sensitive data and ensuring only authorized users gain access.