GreenRADIUS

Duo Security

Tokens Supported

YubiKeys, FIDO tokens, OATH tokens (including Google Authenticator), our own Green Rocket 2FA mobile app YubiKeys, OATH tokens, FIDO U2F tokens, Duo Mobile app

Allows for multiple tokens for each user

Yes Yes

Users pre-selecting tokens before authentication

Users DO NOT need to pre-select which token they will use as their second factor. Users can simply use any of their assigned tokens for authentication. Users MUST pre-select which token they will use as their second factor. Each time a different token will be used, users must select the token prior to authentication.

Auto-enrollment of YubiKeys

Yes, GreenRADIUS can be configured so YubiKeys can be assigned to users automatically upon first use. No, users must register their YubiKeys.

On-premise / Cloud

Yes, GreenRADIUS can be either an on-premise solution, where GreenRADIUS can be set up in an organization’s network and behind its firewall or in a cloud environment, such as an organization’s AWS infrastructure. Cloud only

Windows Logon

YubiKeys and other FIDO U2F tokens can be used for online AND offline login attempts YubiKeys and other FIDO U2F tokens can be used for offline login attempts ONLY. They CANNOT be used for online login attempts

High availability / Synchronization

Multiple GreenRADIUS servers can be synced to provide a HA/failover configuration. For an on-premise solution, even if the external internet is down or offline, users can still authenticate on the internal network. N/A

Token secrets and authentications

GreenRADIUS securely stores and protects token secrets internally. Authentications are also done securely. Token secrets are stored in the cloud, and authentication attempts are validated in the cloud as well