This article explains how to return a Duo code-generating token and remove it from your account. If you're no longer using the token for multi-factor authentication (MFA), remove it from your Duo account and return it to IT to help keep your account secure
Instructions
Remove the Token from Your Duo Account
- Log into the Multi-Factor Authentication Manager
- Click the Manage Devices button
- In the token card, click Edit, then Delete, then confirm by clicking Delete again
Return the Token
To return a token, bring it to any place a user can obtain one. See: Where can I obtain a MFA code generating token?
Regularly Review Your MFA Devices
Regular review of your MFA devices ensures that
- An attacker cannot add a new device without escaping notice,
- Old or Broken devices don't clutter your list of options, and
- Unneeded Tokens get removed and returned.
Refer to: MFA - Post-enrollment Maintenance
Environment