Guides & TutorialsSecurity Duo Security MigrationDuo Migration Frequently Asked Questions

Duo Migration Frequently Asked Questions

Why are you changing the DuoSecurity configuration?

We know that users enjoy the ease and convenience Duo brings to two-factor authentication - we like it too - the feedback we received from our valued customers is that the ability to manage users directly and use an organisation's existing Duo account was preferable.

As a result, in version 7.0 of WHMCS the implementation was changed to better service our customer's needs, we share the view that the extra few minutes now required to configure DuoSecurity is worth the added benefits.

What happens if I do not migrate?

On 1st July 2017 DuoSecurity users purchased directly from WHMCS will be disabled, meaning it will no longer be possible for staff and/or clients who have DuoSecurity configured to authenticate to the admin and client areas respectively.

Therefore we recommend planning to update to WHMCS 7.0 or above and migrating to the new implementation prior to 1st July 2017.

Instructions for migrating are located here:

Can I use the DuoSecurity module from 7.0 with my 6.3 installation?

A drop-in update to the DuoSecurity module is not available to switch a v6.3 WHMCS installation to the new implementation. This is because changes were required to WHMCS core files to facilitate the use of an organisation's own DuoSecurity account.

Is it mandatory to update to version 7.0?

Updating your WHMCS installation to version 7.0 or above is required in order to continue using DuoSecurity as a second factor authentication method.

If you do not wish to update by the discontinuation date of 1st July 2017, it will be necessary to disable DuoSecurity on or before 1st July 2017.

Are other Two Factor Methods affected by this change?

No. Time Based Tokens and Yubikey authentication will continue uninterrupted.

How much will I be charged during the migration period?

We will not make any charge for DuoSecurity users between the announcement date and the discontinuation date (1st July 2017).

Effective immediately there is no charge for the old implementation method regardless of the number of DuoSecurity users.

Who do I pay for DuoSecurity from today?

After migrating to the new DuoSecurity implementation, you are using your own account held directly with Duo. Therefore payments for are made directly to Duo. WHMCS will not charge you for DuoSecurity users effective immediately.

Even better, Duo offers the first 10 users free of charge.

Do I need to update WHMCS?

If you wish to continue using DuoSecurity as your second factor authentication method, it is necessary to use WHMCS 7.0 or above.

If you are currently using WHMCS 6.3 or below, you will need to update.

How do I update to WHMCS version 7?

Updating to WHMCS version 7 is a manual process, but it's the last manual update you will ever need to perform!

Update instructions are located here:

Once updated to version 7 you will be able to migrate to the new DuoSecurity implementation for uninterrupted access.