Duo Restore

When restoring Duo accounts on a new or replacement device:

• Duo-protected and Duo Admin accounts: Restoring or reactivating them on the new device deactivates them on the old one.
• Third-party accounts: Restoring does not deactivate them on the old device. After confirming passcodes work, delete these accounts or uninstall Duo Mobile from the old device.
• Windows offline access: Restoring does not reactivate offline access. Reactivation creates a second account, delete the restored one before reactivating.
• Passwordless OS Logon: Cannot be restored. If using a different mobile device, re-enroll to log on without a password.
• Need help? End-users (not admins) should submit a ticket at Two-Step Login (Duo) Support..

Prerequisites

• Update Duo Mobile to the latest version on your current iOS device.
• Back up your device to iCloud with Keychain enabled for Instant Restore. Nightly iCloud backups include Duo Restore data. Encrypted iTunes/Finder backups also work.

Duo Restore backup is always on for iOS with iCloud enabled (no backup notification shown). Account restoration depends on Duo Restore being enabled or having a recovery password for third-party accounts.

Enable Duo Restore for Third-Party Accounts

• Turn on backup for accounts like Instagram, Facebook, Snapchat, etc. Duo Mobile cannot recover these without a backup.
• If locked out and no backup exists, you must contact each service for recovery.
• When prompted, tap Enable Now and set a 10–128 character recovery password.
• Store this password securely as Duo cannot recover it. Losing it means manually reconnecting accounts.
• To enable later:
  • Open Duo Mobile → Menu → Settings → Backup third-party accounts.
  • Enter and confirm your recovery password.
• Duo Support cannot recover accounts or reset recovery passwords.

Prerequisites

• If Google account backup is disabled or your device lacks a PIN, pattern, or password lock, see Enabling Duo Restore (Legacy) below.
• Automatic backups require a screen lock (PIN, pattern, or password). Update your lock settings if needed.

Process

1. Open Google Backup settings on your device (path varies by manufacturer; e.g., Pixel: Settings → Google → Backup).
2. Enable Google backups. It's required for Duo Mobile cloud restore.
   • Backups from other vendors (e.g., Samsung Cloud) do not work for Duo Mobile.
3. If app data isn’t enabled, check Other device data to include Duo Restore info → tap Confirm.
4. If Google backup is enabled, verify Apps included in Backup Details.
5. If just enabled, tap Back up now to create your first backup.
6. To enable third-party account recovery:
   • Open Duo Mobile → Settings → Duo Instant Restore.
   • Tap Automatically reconnect third-party accounts from cloud.
7. Nightly Google backups include Duo Restore info. To check last backup: Settings → Duo Instant Restore.
8. Automatic backups require a screen lock.

If you created a Google Drive backup using the old Duo Restore toggle, you can still access this backup to perform an Instant Restore.

Enabling Duo Restore (Legacy)

1. Open Duo Mobile → tap menu icon → Settings.
2. Tap Duo Restore under General settings.
3. Enable Backup accounts with Google Drive.
4. Select Google account and grant permission to store backup in Google Drive.
5. Optionally enable Automatically reconnect third-party accounts.
6. When prompted, create and confirm a recovery password (10–128 characters).
   • Do not lose this password. Duo cannot recover it.
   • Losing it means manually reconnecting accounts later via each service’s 2FA setup.

Recovering Duo-Protected Accounts (Instant Restore)

1. Ensure your device was backed up with iCloud + Keychain or an encrypted iTunes/Finder backup.
2. Sign in to iCloud and restore from backup.
3. Download Duo Mobile (Duo Security LLC) on the new device.
4. Open Duo Mobile → tap Continue.
5. Duo restores your Duo-protected accounts automatically.
6. If you get a new-device activation alert:
   • Tap Yes if you initiated restore (deactivates old device).
   • Tap No if you didn’t (alerts admins and deactivates both devices).
7. Third-party accounts are not restored here need to use your recovery password.

Recovering Third-Party Accounts

1. Restore your iOS device from iCloud or iTunes/Finder backup.
2. Open Duo Mobile → tap Continue.
3. Duo attempts automatic restore; if unsuccessful, enter your recovery password.
4. After restore, you can generate passcodes for those services.
5. Duo-protected accounts require Instant Restore steps separately.