We performed a comparison between Cisco Duo and Microsoft Entra ID based on real PeerSpot user reviews.
Find out in this report how the two Single Sign-On (SSO) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."By deploying Duo, we have virtually eliminated the risk of direct deposit redirection as a result of credentials that have been compromised via phishing."
"The single pane of glass management works very well. That feature is very important because we have a lot of admins who have to manage Duo, and it's much easier when it's a single pane of glass. That single pane is also great because it's easy to enroll new devices."
"The most valuable features of Duo Security are visibility and OTP authentication. The OTP is very important because it is a self-enrollment feature, you are able to enroll users very quickly with a shorter time period."
"The solution is easy to use."
"If you have to log in to something, you must go to Duo Security to confirm that you're who you are on your phone."
"Another feature is the single pane of glass management. That's important for analytics and also for troubleshooting. It means there's one place that you go to at least start the troubleshooting process."
"The single pane of glass management is very important and it is part of the reason we went with Duo. Anything we can do to save time for our administrators, help desk staff, and engineers, is valuable to us."
"The product is reliable and easy to use."
"The most valuable feature of Azure AD is its ability to connect with services outside of Microsoft, although documentation is necessary to properly implement these connections."
"It's a quite comprehensive solution and it scales quite well within our required scale as well, which is very useful."
"It enhanced our end user experience quite a bit. Instead of the days of having to contact the service desk with challenges for choosing their password, users can go in and do it themselves locally, regardless of where they are in the world. This has certainly made it a better experience accessing their applications. Previously, a lot of times, they had to remember multiple usernames and passwords for different systems. This solution brings it all together, using a single sign-on experience."
"Azure Active Directory's single sign-on feature has been helpful because users don't need to authenticate again and again each time they access it. Users only need to sign in the first time, and Azure handles everything. We haven't experienced any errors or security-related issues in the past four years. Many people use our protection servers from outside, requiring multi-factor authentication. Each authentication is logged precisely."
"It has been stable, and we haven't had any issues since we started to use it."
"It's something we have to deal with every day. It is present. If you're in a domain environment, you'll need it to log in. If you work in a Microsoft-centric environment, you can't avoid it."
"The tool's most valuable feature is auto logs. It helps with user activity and monitoring. It also assists us with GLBA policies and procedures. Microsoft Entra ID gives a 360 view of what the user has access to, what applications are available to them, when they are logging in and out, etc. It makes knowing what is happening to our tenants incredibly powerful."
"I like that you can run it on-premises. I also like that I can use Azure at any time as the main one."
"One area that might be improved is that setting up SMS texting is not as easy as using the app, even though it does support it."
"Sometimes, it's a little harder for customers to adopt."
"I believe there are two new features. I am interested in adding auto-admin services and incorporating icons for easier navigation. This could contribute to a new business idea platform. I have seen the features, and they make things easier, resolving issues from before. The platform has been updated, and there's now another link in my platform for media access. When it comes to improvements, the UI can be more user-friendly, and there is room for easier navigation. Perhaps there could be enhancements in customization. I haven't faced issues in storage or backup, but I am open to improvements in customization functionality. It's not my environment, but I see possibilities for improvement in the deployment of funds. The addition of new features is appreciated, and for customization, it could provide more freedom for users."
"While two-factor authentication with mobile devices provides a high level of security, it's still not foolproof, as someone could potentially steal your phone. It would be beneficial to have information about the authentication location."
"We have had instances where Duo Security stops working on a user's device, which we have fixed by uninstalling and then reinstalling it."
"The only challenge is finding the right person sometimes. From what I've seen, being a named account is a big deal."
"It could be a little bit more intuitive when it comes to the sign-up process. I know they send out an email, but sometimes our users get a little confused. It could be an end-user problem, but Cisco could work on that a little."
"Duo has some issues that we're trying to work through. For example, if I install it on a WordPress site and another admin needs to log in, they can't because Duo hasn't been set up for them. It doesn't appear that I can add permissions on a user-by-user basis. It's not obvious."
"From an admin perspective, I would like to see improvement in the Microsoft Graph API."
"The technical support has room for improvement."
"The solution has certain limitations. For example, it has very little governance functionality."
"The scalability of the solution is good."
"Azure AD does not support legacy authentication protocols, such as NTLM or Kerberos."
"Everything should be in one package. There are so many different packages. They need to provide guidance because there are so many features and we don't know how to implement them in our organization."
"I want better integration between Azure AD and the on-prem environment because there are currently limitations that can hamper employee experience. We use a feature called password writeback, that can be challenging to implement in a hybrid environment. Employees can change their passwords using a self-service password reset (SSPR) feature, which reflects from the cloud to the on-prem identity, but not the other way around. Currently, there is no way to reflect passwords from on-prem identities to the cloud."
"Initially, we wanted to exclude specific users from MSA. So, we had a condition policy, which forces MSA for all the users. So we wanted to exclude users who are using an NPS extension. So it was not listed, as a NPS extension was not listed outside an application, in actual, so, we go back and were not able to exclude users using NPS extension from MSA. So that was one limitation that we found and we had to work around that."
Cisco Duo is ranked 2nd in Single Sign-On (SSO) with 47 reviews while Microsoft Entra ID is ranked 1st in Single Sign-On (SSO) with 92 reviews. Cisco Duo is rated 8.8, while Microsoft Entra ID is rated 8.6. The top reviewer of Cisco Duo writes "Helps reduce the risk of a breach and is easy to deploy and onboard". On the other hand, the top reviewer of Microsoft Entra ID writes "Offers a conditional access policy, along with modern authentication methods, and a unified interface". Cisco Duo is most compared with Fortinet FortiToken, Fortinet FortiAuthenticator, Yubico YubiKey, UserLock and Zscaler Private Access, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, Yubico YubiKey, CyberArk Privileged Access Manager and Auth0. See our Cisco Duo vs. Microsoft Entra ID report.
See our list of best Single Sign-On (SSO) vendors and best Authentication Systems vendors.
We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.