Duo uses push notifications, time-based, one-time passwords, physical tokens and biometrics to verify the identity of users at login. Similarly, Microsoft Authenticator uses push notifications, one-time passcodes, and biometrics for authentication and can integrate with Microsoft 365 and Azure Active Directory. While both 2FA options share some similarities, there are still key differences that can sway your decision to choose one over the other.
Micosoft Authenticator Configured so it reports application, shows a map with the location of the request origin, requires a two digit number to be typed.
Whole company is on an hybrid Azure AD so it’s just the better choice in our situation because of that. We use Azure Apps to integrate it and Azure AD to manage permissions.