User authentications showing blank Duo Prompt using older versions of Chrome and Chrome-based web browsers
Incident Report for Duo
Postmortem

Duo Authentication Prompt not displaying in some Chrome based browsers 

Summary

On December 21, 2021, Duo’s Engineering Team was made aware of an issue with the Duo authentication prompt that prevented it from being displayed properly in some versions of Chrome based web browsers.

Affected users were presented with a blank / white screen in their browsers and were unable to successfully authenticate with Duo.

The issue impacted both the traditional Duo Prompt in the browser and the Universal Prompt. Non-browser-based implementations of the Duo authentication prompt, such as for Windows Logon, were not affected.

The issue has been resolved by a code change deployed to all affected customers.

Details

The issue was caused by a bug introduced in Duo’s late December D231 release, which started deploying to customers on December 16, 2021. This release included enhancements to the Duo Prompt that were incompatible with Google Chrome and Microsoft Edge browser versions 89 - 92 (released February through July of 2021). While Duo routinely tests for backwards compatibility with older web browsers, these particular browser versions were not included in our automated test suite for the D231 release.

The bug affected the following deployments: DUO4, DUO6, DUO7, DUO10, DUO13, DUO19, DUO20, DUO21, DUO23, DUO28, DUO31, DUO33, DUO38, DUO43, DUO44, DUO45, DUO46, DUO47, DUO48, DUO51, DUO52, DUO55, DUO56, DUO62, DUO63, DUO64, DUO66, DUO67, DUO68

It did not affect all deployments because, after the issue was reported, the release was paused while a solution was identified.

A fix for the issue, which added support for the browsers that were previously unable to display the Duo Prompt, was added to the release and redeployed to affected customers. This was finished by 12:06 AM EST on December 22.

Duo’s Engineering Team will be making the following changes using data collected during this incident:

  • Improve the authentication prompt’s ability to gracefully handle browser specific compatibility issues.
  • Implement additional monitoring for browser level errors to allow for earlier detection.
  • Increase browser test coverage to further reduce the likelihood of such issues in the future.

Note: You can find your Duo deployment’s ID and sign up for updates via the StatusPage by following the instructions in this Duo Knowledge Base article.

Posted Dec 22, 2021 - 20:03 EST

Resolved
After monitoring issues affecting authentication using older versions of Chrome and Chrome-based web browsers, our engineers have mitigated the issue by deploying a solution. If anyone is still experiencing issues, please contact us at support@duo.com
We will be posting a root-cause analysis (RCA) here once our engineering team has finished its thorough investigation of the issue.
Posted Dec 22, 2021 - 04:50 EST
Monitoring
This issue has been resolved and we are seeing Chrome-based authentications functioning properly.
We will actively keep this incident in monitoring mode to observe for any recurrence before resolving.
Posted Dec 22, 2021 - 00:20 EST
Identified
We have identified the issue affecting logins which are using Chrome and Chrome-based browsers that are multiple versions behind the current stable release. Our developers are currently testing and deploying a hot fix.
Posted Dec 21, 2021 - 21:07 EST
Update
We are continuing to investigate this issue.
Posted Dec 21, 2021 - 20:59 EST
Update
We are continuing to investigate this issue.
Posted Dec 21, 2021 - 20:58 EST
Investigating
We have identified an issue affecting authentication using older versions of Chrome and Chrome-based web browsers and are in the process of deploying a fix.
Posted Dec 21, 2021 - 20:57 EST
This incident affected: DUO21 (Core Authentication Service), DUO47 (Core Authentication Service), DUO46 (Core Authentication Service), DUO48 (Core Authentication Service), DUO55 (Core Authentication Service), DUO63 (Core Authentication Service), DUO23 (Core Authentication Service), DUO52 (Core Authentication Service), DUO67 (Core Authentication Service), DUO20 (Core Authentication Service), DUO45 (Core Authentication Service), DUO19 (Core Authentication Service), DUO10 (Core Authentication Service), DUO38 (Core Authentication Service), DUO13 (Core Authentication Service), DUO64 (Core Authentication Service), DUO56 (Core Authentication Service), DUO62 (Core Authentication Service), DUO44 (Core Authentication Service), DUO51 (Core Authentication Service), DUO66 (Core Authentication Service), DUO28 (Core Authentication Service), DUO4 (Core Authentication Service), DUO68 (Core Authentication Service), DUO43 (Core Authentication Service), DUO7 (Core Authentication Service), DUO33 (Core Authentication Service), DUO31 (Core Authentication Service), and DUO6 (Core Authentication Service).