On December 21, 2021, Duo’s Engineering Team was made aware of an issue with the Duo authentication prompt that prevented it from being displayed properly in some versions of Chrome based web browsers.
Affected users were presented with a blank / white screen in their browsers and were unable to successfully authenticate with Duo.
The issue impacted both the traditional Duo Prompt in the browser and the Universal Prompt. Non-browser-based implementations of the Duo authentication prompt, such as for Windows Logon, were not affected.
The issue has been resolved by a code change deployed to all affected customers.
The issue was caused by a bug introduced in Duo’s late December D231 release, which started deploying to customers on December 16, 2021. This release included enhancements to the Duo Prompt that were incompatible with Google Chrome and Microsoft Edge browser versions 89 - 92 (released February through July of 2021). While Duo routinely tests for backwards compatibility with older web browsers, these particular browser versions were not included in our automated test suite for the D231 release.
The bug affected the following deployments: DUO4, DUO6, DUO7, DUO10, DUO13, DUO19, DUO20, DUO21, DUO23, DUO28, DUO31, DUO33, DUO38, DUO43, DUO44, DUO45, DUO46, DUO47, DUO48, DUO51, DUO52, DUO55, DUO56, DUO62, DUO63, DUO64, DUO66, DUO67, DUO68
It did not affect all deployments because, after the issue was reported, the release was paused while a solution was identified.
A fix for the issue, which added support for the browsers that were previously unable to display the Duo Prompt, was added to the release and redeployed to affected customers. This was finished by 12:06 AM EST on December 22.
Duo’s Engineering Team will be making the following changes using data collected during this incident:
Note: You can find your Duo deployment’s ID and sign up for updates via the StatusPage by following the instructions in this Duo Knowledge Base article.