On August 4, 2021, Duo’s Engineering Team was made aware of an issue with the Duo authentication prompt that prevented it from being displayed properly in certain web browsers or applications that embed those web browsers. This resulted in affected users being unable to successfully authenticate with Duo.
The issue has been resolved by a code change deployed to all affected customers.
The issue was caused by a bug introduced in Duo’s early August D221 release which was deployed to customers starting on July 29, 2021. This release included enhancements to the Duo Prompt that were incompatible with the following web browsers or applications that embed them:
The bug affected the deployments DUO3, DUO4, DUO5, DUO6, DUO7, DUO10, DUO13, DUO14, DUO19, DUO20, DUO21, DUO23, DUO24, DUO26, DUO28, DUO31, DUO33, DUO37, DUO38, DUO39, DUO42, DUO43, DUO44, DUO45, DUO46, DUO47, DUO48, DUO50, DUO51, DUO52, DUO55, DUO56, DUO57, DUO58, DUO62, DUO63, DUO64, and DUO66.
It did not affect all customers because, after the issue was reported, the release was paused while a solution was identified.
A fix for the issue, which added support for the browsers that were previously unable to display the Duo Prompt, was added to the release and redeployed to affected customers. This was finished by 9:00 pm EDT on August 5. Duo’s Engineering Team has enhanced automated test coverage in this area to prevent similar issues in the future.
Note: You can find your Duo deployment’s ID and sign up for updates via the StatusPage by following the instructions in this knowledge base article.